CVE-2025-0769

PixelYourSite - Code Injection

Title source: llm

Description

PixelYourSite - Your smart PIXEL (TAG) and API Manager 10.1.1.1 was found to be vulnerable. Unvalidated user input is used directly in an unserialize function in myapp/modules/facebook/facebook-server-a sync-task.php.

References (2)

[Product] https://co.wordpress.org/plugins/pixelyoursite/#developers

[Various Sources] https://fluidattacks.com/advisories/skims-23/

Scores

EPSS 0.0019

EPSS Percentile 41.0%

Classification

CWE

CWE-502

Status draft

Timeline

Published Feb 28, 2025

Tracked Since Feb 18, 2026