Security Advisory

CVE-2025-10723

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-24 06:00:07

Last updated 2026-01-09 20:19:14

Assigner WPScan

State PUBLISHED

Description

The PixelYourSite WordPress plugin before 11.1.2 does not validate some URL parameters before using them to generate paths passed to function/s, allowing any admins to perform LFI attacks

← Browse all CVEs View on cve.org ↗