cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-7870,https://securityvulnerability.io/vulnerability/CVE-2024-7870,PixelYourSite Vulnerable to Sensitive Information Exposure,"The PixelYourSite and PixelYourSite PRO plugins for WordPress are affected by a vulnerability that exposes sensitive information through log files that are publicly accessible. This risk exists in all versions up to and including 9.7.1 and 10.4.2, respectively. Attackers without authentication can view sensitive data contained within these log files, posing a significant security risk. Additionally, this vulnerability allows for the unauthorized deletion of log files, which can further compromise data integrity. Ensuring that these plugins are updated and properly configured is essential for maintaining the security of WordPress sites utilizing these tools.",Wordpress,"Pixelyoursite Pro – Your Smart Pixel (tag) Manager,Pixelyoursite – Your Smart Pixel (tag) & Api Manager",7.5,HIGH,0.0006000000284984708,false,,false,false,false,,false,false,2024-09-04T08:30:37.877Z,0
CVE-2023-2584,https://securityvulnerability.io/vulnerability/CVE-2023-2584,Stored Cross-Site Scripting in PixelYourSite Plugin by WordPress,"The PixelYourSite plugin for WordPress is susceptible to Stored Cross-Site Scripting (XSS) due to inadequate sanitization of user inputs in admin settings. This vulnerability affects versions up to 9.3.6 and 9.6.1 in the Pro version, where compromised administrators can inject malicious scripts that execute when users load the affected pages. The issue is particularly critical in multi-site installations or where the unfiltered_html option has been disabled, allowing exploitation of site users without proper defenses.",Wordpress,"PixelYourSite Pro – Your smart PIXEL (TAG) Manager,PixelYourSite – Your smart PIXEL (TAG) Manager",4.8,MEDIUM,0.0007800000021234155,false,,false,false,false,,false,false,2023-06-09T06:16:00.000Z,0