PT-2026-8037 · WordPress · Pixelyoursite
Os
+1
·
Publicado
2026-02-13
·
Atualizado
2026-02-14
·
CVE-2026-1841
CVSS v3.1
7.2
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
PixelYourSite – Your smart PIXEL (TAG) & API Manager plugin for WordPress versions through 11.2.0
Description
The PixelYourSite – Your smart PIXEL (TAG) & API Manager plugin for WordPress is susceptible to Stored Cross-Site Scripting. Insufficient input sanitization and output escaping in the
pysTrafficSource parameter and the pys landing page parameter allow unauthenticated attackers to inject arbitrary web scripts. These scripts will execute when a user accesses an injected page.Recommendations
Update PixelYourSite – Your smart PIXEL (TAG) & API Manager plugin for WordPress to a version later than 11.2.0.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Pixelyoursite