28 matches found
EUVD-2025-30566
Malicious code in bioql PyPI...
EUVD-2024-21019
Malicious code in bioql PyPI...
EUVD-2025-30571
Malicious code in bioql PyPI...
CVE-2025-58221
Missing Authorization vulnerability in ONTRAPORT PilotPress pilotpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PilotPress: from n/a through = 2.0.36...
CVE-2025-58238
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ONTRAPORT PilotPress pilotpress allows Stored XSS.This issue affects PilotPress: from n/a through = 2.0.36...
CVE-2025-58238
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ONTRAPORT PilotPress pilotpress allows Stored XSS.This issue affects PilotPress: from n/a through = 2.0.36...
CVE-2025-58221
Missing Authorization vulnerability in ONTRAPORT PilotPress pilotpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PilotPress: from n/a through = 2.0.36...
WordPress PilotPress Plugin <= 2.0.36 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Nabil Irawan in WordPress Plugin PilotPress versions = 2.0.36...
WordPress PilotPress Plugin <= 2.0.36 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by zaim in WordPress Plugin PilotPress versions = 2.0.36...
CVE-2025-58221 WordPress PilotPress Plugin <= 2.0.36 - Broken Access Control Vulnerability
Missing Authorization vulnerability in ONTRAPORT PilotPress pilotpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PilotPress: from n/a through = 2.0.36...
CVE-2025-58221
CVE-2025-58221: PilotPress (Ontraport) WordPress plugin contains a Missing Authorization issue that permits an unauthenticated entity to perform an “arbitrary options update” via the wcmlim_settings_ajax_handler. This aligns with a network-scope vulnerability (CVSS v3.1: 4.3, Medium) and is assoc...
CVE-2025-58221 WordPress PilotPress Plugin <= 2.0.36 - Broken Access Control Vulnerability
Missing Authorization vulnerability in ONTRAPORT PilotPress pilotpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PilotPress: from n/a through = 2.0.36...
CVE-2025-58238 WordPress PilotPress Plugin <= 2.0.36 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ONTRAPORT PilotPress pilotpress allows Stored XSS.This issue affects PilotPress: from n/a through = 2.0.36...
CVE-2025-58238 WordPress PilotPress Plugin <= 2.0.36 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ONTRAPORT PilotPress pilotpress allows Stored XSS.This issue affects PilotPress: from n/a through = 2.0.36...
CVE-2025-58238
PilotPress (ONTRAPORT WordPress plugin) contains a Stored XSS in versions up to and including 2.0.36. The vulnerability is triggered when an authenticated attacker injects script via input that is not properly neutralized during web page generation. Effects are as described in Wordfence vulnerabi...
PT-2025-38887
Name of the Vulnerable Software and Affected Versions ONTRAPORT PilotPress versions through 2.0.35 Description A missing authorization issue exists in ONTRAPORT PilotPress, allowing exploitation due to incorrectly configured access control security levels. Recommendations Update ONTRAPORT...
WordPress plugin ONTRAPORT PilotPress 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-site...
WordPress plugin ONTRAPORT PilotPress 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blogging sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...
PT-2025-38903
Name of the Vulnerable Software and Affected Versions ONTRAPORT PilotPress versions through 2.0.35 Description A flaw exists in ONTRAPORT PilotPress that allows for Stored Cross-site Scripting XSS. This issue arises from improper handling of input during the creation of web pages. Successful...
CVE-2024-23524
Missing Authorization vulnerability in ONTRAPORT Inc. PilotPress.This issue affects PilotPress: from n/a through 2.0.30...