cleantalk
Vulnerabilities and Security Researches

PilotPress, e4c93ccba1075e159a37aa793e89316e3046711e

CVE, Research URL

e4c93ccba1075e159a37aa793e89316e3046711e

Home page URL

Security reports for PilotPress

Application

PilotPress

Published on
-
Research Description
PilotPress [pilotpress] < 2.0.31 WordPress PilotPress Plugin <= 2.0.29 is vulnerable to Broken Access Control No patched version is available. Nguyen Xuan Chien discovered and reported this Broken Access Control vulnerability in WordPress PilotPress Plugin. A broken access control issue refers to a missing authorization, authentication or nonce token check in a function that could lead to an unprivileged user to executing a certain higher privileged action. This vulnerability has not been known to be fixed yet. This vulnerability was reported to and published by Patchstack. Our users receive alerts and protections up to 48 hours in advance. Have additional information or questions about this entry? Get in touch.
Affected versions
max 2.0.31.
Status
vulnerable
Previous vulnerability researches
PilotPress (CVE-2025-58221) , Oct 11, 2025
PilotPress (CVE-2025-58238) , Apr 25, 2026
PilotPress (CVE-2024-23524) , Jun 10, 2024
PilotPress (e4c93ccba1075e159a37aa793e89316e3046711e) , Jun 07, 2024
New vulnerability
SnapWidget Social Photo Feed Widget (CVE-2025-58241) , Apr 25, 2026
Cozy Blocks &#8211; Page Builder Blocks for FSE and Gutenberg Editor, Gutenberg Blocks, WooCommerce Blocks, Post Blocks, Slider (CVE-2025-59573) , Apr 25, 2026
JoomSport &#8211; for Sports: Team &amp; League, Football, Hockey &amp; more (CVE-2025-7721) , Apr 25, 2026
World first Lifetime free Form Builder for WordPress (CVE-2025-58957) , Apr 25, 2026
Ultimate Classified Listings (CVE-2025-9874) , Apr 25, 2026