Product Catalog Feed

product_catalog_feed

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-49824 1Pixelyoursite 1Product Catalog Feed Jun 17, 2026 Dec 17, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in PixelYourSite Product Catalog Feed by PixelYourSite.This issue affects Product Catalog Feed by PixelYourSite: from n/a through 2.1.1.
CVE-2023-1805 1Pixelyoursite 1Product Catalog Feed Jun 17, 2026 May 2, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 The Product Catalog Feed by PixelYourSite WordPress plugin before 2.1.1 does not sanitise and escape the page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could b...Show more The Product Catalog Feed by PixelYourSite WordPress plugin before 2.1.1 does not sanitise and escape the page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as adminShow less
CVE-2023-1804 1Pixelyoursite 1Product Catalog Feed Jun 17, 2026 May 2, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 The Product Catalog Feed by PixelYourSite WordPress plugin before 2.1.1 does not sanitise and escape the edit parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could b...Show more The Product Catalog Feed by PixelYourSite WordPress plugin before 2.1.1 does not sanitise and escape the edit parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as administrators.Show less