CVE-2025-22300
CVSS 3.1 Score 5.4 of 10 (medium)
Details
Summary
CVE-2025-22300 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the PixelYourSite – Your smart PIXEL (TAG) Manager, from version n/a through 10.0.1.2. This issue allows an attacker to trick a user into executing malicious actions on a targeted website, bypassing the user's expected input. An attacker can craft a specific request containing malicious data, which is then sent to the vulnerable website on behalf of the user, potentially leading to unauthorized actions or data modifications. This vulnerability poses a significant risk to users, enabling attackers to manipulate their online activity without their knowledge or consent. It is crucial for users to update their PixelYourSite plugin to a version that addresses this issue to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.