exploitDog

GHSA-259w-3jff-442h

Опубликовано: 24 окт. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 2.7

Описание

The PixelYourSite WordPress plugin before 11.1.2 does not validate some URL parameters before using them to generate paths passed to function/s, allowing any admins to perform LFI attacks

The PixelYourSite WordPress plugin before 11.1.2 does not validate some URL parameters before using them to generate paths passed to function/s, allowing any admins to perform LFI attacks

Ссылки

EPSS

Процентиль: 17%

0.00053

Низкий

2.7 Low

CVSS3

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2025-10723

CVSS3: 2.7

nvd

4 месяца назад

The PixelYourSite WordPress plugin before 11.1.2 does not validate some URL parameters before using them to generate paths passed to function/s, allowing any admins to perform LFI attacks

EPSS

Процентиль: 17%

0.00053

Низкий

2.7 Low

CVSS3

CVE ID

Дефекты

CWE-22