PT-2025-53777 · WordPress · Pixelyoursite
Marcin Dudek
·
Published
2025-12-29
·
Updated
2025-12-30
·
CVE-2025-14280
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
PixelYourSite versions up to and including 11.1.5
Description
The PixelYourSite plugin for WordPress is susceptible to sensitive information disclosure through publicly exposed log files. An unauthenticated attacker may be able to view potentially sensitive information contained within these logs when the "Meta API logs" setting is enabled. The issue was addressed with a partial patch in version 11.1.5 and a full patch in version 11.1.5.1.
Recommendations
Update to version 11.1.5.1 or later.
Disable the "Meta API logs" setting.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Pixelyoursite