PT-2026-42198

The Cost of Goods by PixelYourSite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'csvdata0cost of goods value' parameter in versions up to, and including, 1.2.12 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

CVE-2026-27072 WordPress PixelYourSite – Your smart PIXEL (TAG) Manager plugin <= 11.2.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PixelYourSite PixelYourSite – Your smart PIXEL TAG Manager pixelyoursite allows Stored XSS.This issue affects PixelYourSite – Your smart PIXEL TAG Manager: from n/a through = 11.2.0.1...

WordPress PixelYourSite plugin <= 11.2.0 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - cyberdogzmarketing.com | krei.dev | ogbuilders.io in WordPress Plugin PixelYourSite – Your smart PIXEL TAG Manager versions = 11.2.0...

CVE-2026-1841

The PixelYourSite – Your smart PIXEL TAG & API Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pysTrafficSource' parameter and the 'pyslandingpage' parameter in all versions up to, and including, 11.2.0 due to insufficient input sanitization and output escaping...

CVE-2025-10723

The PixelYourSite WordPress plugin before 11.1.2 does not validate some URL parameters before using them to generate paths passed to function/s, allowing any admins to perform LFI attacks...

CVE-2025-10723

The PixelYourSite WordPress plugin before 11.1.2 does not validate some URL parameters before using them to generate paths passed to function/s, allowing any admins to perform LFI attacks...

CVE-2025-10588

The PixelYourSite – Your smart PIXEL TAG & API Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 11.1.2. This is due to missing or incorrect nonce validation on the adminEnableGdprAjax function. This makes it possible for unauthenticate...

WordPress plugin PixelYourSite 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

WordPress PixelYourSite plugin <= 11.1.2 – Cross-Site Request Forgery to GDPR Options Modification vulnerability

Cross-Site Request Forgery to GDPR Options Modification vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin PixelYourSite – Your smart PIXEL TAG Manager versions = 11.1.2...

EUVD-2018-1388

Malware in sbrugna...

EUVD-2023-24006

Malicious code in bioql PyPI...

CVE-2023-22700

Cross-Site Request Forgery CSRF vulnerability in PixelYourSite PixelYourSite – Your smart PIXEL TAG Manager plugin = 9.3.0 versions...

CVE-2023-1804

The Product Catalog Feed by PixelYourSite WordPress plugin before 2.1.1 does not sanitise and escape the edit parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as administrators...

CVE-2023-2584

The PixelYourSite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 9.3.6 9.6.1 in the Pro version due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2025-22300 WordPress PixelYourSite plugin <= 10.0.1.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in PixelYourSite PixelYourSite – Your smart PIXEL TAG Manager allows Cross Site Request Forgery.This issue affects PixelYourSite – Your smart PIXEL TAG Manager: from n/a through 10.0.1.2...

CVE-2025-22300 WordPress PixelYourSite plugin <= 10.0.1.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in PixelYourSite PixelYourSite – Your smart PIXEL TAG Manager pixelyoursite allows Cross Site Request Forgery.This issue affects PixelYourSite – Your smart PIXEL TAG Manager: from n/a through = 10.0.1.2...

CVE-2025-22300

CVE-2025-22300: A CSRF in PixelYourSite – Your smart PIXEL (TAG) Manager (affecting versions up to 10.0.1.2) could allow unauthorized actions in the admin context. According to the CVSS, the attack requires user interaction and no privileges. No public fix is detailed in the provided documents; m...

WordPress plugin PixelYourSite–Your smart PIXEL (TAG) & API Manager 授权问题漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

CVE-2023-2584

The PixelYourSite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 9.3.6 9.6.1 in the Pro version due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2023-2584

The PixelYourSite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 9.3.6 9.6.1 in the Pro version due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...