PT-2026-8038 · WordPress · Pixelyoursite Pro
Os
+1
·
Publicado
2026-02-13
·
Atualizado
2026-02-14
·
CVE-2026-1844
CVSS v3.1
7.2
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
PixelYourSite PRO plugin for WordPress versions prior to 12.4.0.3
Description
The PixelYourSite PRO plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to insufficient input sanitization and output escaping related to the
pysTrafficSource parameter and the pys landing page parameter. An unauthenticated attacker can inject arbitrary web scripts into pages. These scripts will execute when a user accesses the injected page.Recommendations
Update the PixelYourSite PRO plugin to version 12.4.0.3 or later.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Pixelyoursite Pro