cleantalk
Vulnerabilities and Security Researches

PilotPress, CVE-2025-58238

CVE, Research URL

CVE-2025-58238

Home page URL

Security reports for PilotPress

Application

PilotPress

Published on
Sep 23, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ONTRAPORT PilotPress pilotpress allows Stored XSS.This issue affects PilotPress: from n/a through <= 2.0.36.
Affected versions
max 2.0.36.
Status
vulnerable
Previous vulnerability researches
Memberful WP (CVE-2024-9242) , Oct 05, 2024
Memberful WP (CVE-2024-11294) , Dec 18, 2024
Memberful WP (CVE-2025-58000) , Apr 25, 2026
New vulnerability
Smart Docs (CVE-2025-9333) , Apr 25, 2026
WPKoi Templates for Elementor (CVE-2025-57999) , Apr 25, 2026
HT Mega &#8211; Absolute Addons For Elementor (CVE-2026-4106) , Apr 25, 2026
Verowa Connect (CVE-2025-58257) , Apr 25, 2026
Image Editor by Pixo (CVE-2025-58232) , Apr 25, 2026