Skip to main content

Pixelyoursite

5 CVEs product

Monthly

CVE-2024-7870 HIGH PATCH This Week

The PixelYourSite - Your smart PIXEL (TAG) & API Manager and the PixelYourSite PRO plugins for WordPress are vulnerable to Sensitive Information Exposure in all versions up to, and including, 9.7.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass WordPress Information Disclosure Pixelyoursite
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-37447 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PixelYourSite PixelYourSite - Your smart PIXEL (TAG) Manager allows Stored XSS.6.1.1. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Pixelyoursite
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2023-2584 MEDIUM PATCH This Month

The PixelYourSite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 9.3.6 (9.6.1 in the Pro version) due to insufficient input. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Pixelyoursite Pixelyoursite Pro
NVD VulDB
CVSS 3.1
4.4
EPSS
0.2%
CVE-2023-22700 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in PixelYourSite PixelYourSite - Your smart PIXEL (TAG) Manager plugin <= 9.3.0 versions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Pixelyoursite
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2018-0578 MEDIUM This Month

Cross-site scripting vulnerability in PixelYourSite plugin prior to version 5.3.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Pixelyoursite
NVD
CVSS 3.0
5.4
EPSS
0.8%
EPSS 0% CVSS 7.5
HIGH PATCH This Week

The PixelYourSite - Your smart PIXEL (TAG) & API Manager and the PixelYourSite PRO plugins for WordPress are vulnerable to Sensitive Information Exposure in all versions up to, and including, 9.7.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass WordPress Information Disclosure +1
NVD GitHub
EPSS 0% CVSS 4.8
MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PixelYourSite PixelYourSite - Your smart PIXEL (TAG) Manager allows Stored XSS.6.1.1. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Pixelyoursite
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

The PixelYourSite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 9.3.6 (9.6.1 in the Pro version) due to insufficient input. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Pixelyoursite +1
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in PixelYourSite PixelYourSite - Your smart PIXEL (TAG) Manager plugin <= 9.3.0 versions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Pixelyoursite
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Cross-site scripting vulnerability in PixelYourSite plugin prior to version 5.3.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Pixelyoursite
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy