2 matches found
PT-2025-43581
Name of the Vulnerable Software and Affected Versions PixelYourSite WordPress plugin versions prior to 11.1.2 Description The PixelYourSite WordPress plugin does not properly validate certain URL parameters before utilizing them to construct file paths that are then passed to functions. This...
Cross site scripting
The PixelYourSite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 9.3.6 9.6.1 in the Pro version due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...