WordPress PixelYourSite Pro – Your smart PIXEL (TAG) Manager plugin <= 12.5.0.1 - Unauthenticated Blind Server-Side Request Forgery vulnerability

Unauthenticated Blind Server-Side Request Forgery vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin PixelYourSite PRO versions = 12.5.0.1...

CVE-2026-7049

The PixelYourSite Pro – Your smart PIXEL TAG Manager plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 12.5.0.1 via the scanvideo. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating fro...

CVE-2026-7049

The PixelYourSite Pro – Your smart PIXEL TAG Manager plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 12.5.0.1 via the scanvideo. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating fro...

CVE-2026-7049

CVE-2026-7049 concerns the PixelYourSite Pro – Your smart PIXEL (TAG) Manager plugin for WordPress. All versions up to and including 12.5.0.1 are affected by a Server-Side Request Forgery via the scan_video parameter. The vulnerability allows unauthenticated attackers to cause the web application...

CVE-2026-7049 PixelYourSite Pro <= 12.5.0.1 - Unauthenticated Blind Server-Side Request Forgery via 'urls[]' Parameter

The PixelYourSite Pro – Your smart PIXEL TAG Manager plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 12.5.0.1 via the scanvideo. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating fro...

WordPress plugin PixelYourSite Pro 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-36581

The PixelYourSite Pro – Your smart PIXEL TAG Manager plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 12.5.0.1 via the scan video. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating fr...

WordPress PixelYourSite PRO plugin <= 12.4.0.2 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin PixelYourSite PRO versions = 12.4.0.2...

CVE-2026-1844

The PixelYourSite PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pysTrafficSource' parameter and the 'pyslandingpage' parameter in all versions up to, and including, 12.4.0.2 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2026-1844 PixelYourSite PRO <= 12.4.0.2 - Unauthenticated Stored Cross-Site Scripting

The PixelYourSite PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pysTrafficSource' parameter and the 'pyslandingpage' parameter in all versions up to, and including, 12.4.0.2 due to insufficient input sanitization and output escaping. This makes it possible for...

PT-2026-8038

Name of the Vulnerable Software and Affected Versions PixelYourSite PRO plugin for WordPress versions prior to 12.4.0.3 Description The PixelYourSite PRO plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to insufficient input sanitization and output escaping related ...

WordPress plugin PixelYourSite PRO 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress PixelYourSite PRO plugin <= 10.4.2 - Unauthenticated Information Exposure and Log Deletion vulnerability

Unauthenticated Information Exposure and Log Deletion vulnerability discovered by Xetnus in WordPress Plugin PixelYourSite PRO versions = 10.4.2...

WordPress PixelYourSite PRO Plugin <= 10.4.2 is vulnerable to Sensitive Data Exposure

Software PixelYourSite PRO Type Plugin Vulnerable versions = 10.4.2 Fixed in 10.4.3 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-7870 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID c3722df4917d Credits Xetnus Required...

WordPress PixelYourSite PRO Plugin < 9.6.2 is vulnerable to Cross Site Scripting (XSS)

Software PixelYourSite PRO Type Plugin Vulnerable versions 9.6.2 Fixed in 9.6.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2584 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 95abbc665cdf Credits Marco Wotschka Required...