CVE-2025-12545
Pixel Manager for WooCommerce – Track Conversions and Analytics, Google Ads, TikTok and more <= 1.49.2 - Unauthenticated Information Exposure
CVSS Score
5.3
EPSS Score
0.0%
EPSS Percentile
0th
The Pixel Manager for WooCommerce – Track Conversions and Analytics, Google Ads, TikTok and more plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.49.2 via the ajax_pmw_get_product_ids() function due to insufficient restrictions on which products can be included. This makes it possible for unauthenticated attackers to extract data from password protected, private, or draft products that they should not have access to.
| CWE | CWE-200 |
| Vendor | alekv |
| Product | pixel manager for woocommerce – conversion tracking, google ads, ga4, tiktok, dynamic remarketing |
| Published | Nov 18, 2025 |
| Last Updated | Apr 8, 2026 |
Stay Ahead of the Next One
Get instant alerts for alekv pixel manager for woocommerce – conversion tracking, google ads, ga4, tiktok, dynamic remarketing
Be the first to know when new medium vulnerabilities affecting alekv pixel manager for woocommerce – conversion tracking, google ads, ga4, tiktok, dynamic remarketing are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
alekv / Pixel Manager for WooCommerce – Conversion Tracking, Google Ads, GA4, TikTok, Dynamic Remarketing
0 ≤ 1.49.2
References
wordfence.com: https://www.wordfence.com/threat-intel/vulnerabilities/id/9babb946-4033-4e66-8f59-b73185ffcd49?source=cve plugins.trac.wordpress.org: https://plugins.trac.wordpress.org/browser/woocommerce-google-adwords-conversion-tracking-tag/tags/1.49.2/includes/pixels/class-pixel-manager.php#L343 plugins.trac.wordpress.org: https://plugins.trac.wordpress.org/browser/woocommerce-google-adwords-conversion-tracking-tag/tags/1.49.2/includes/pixels/class-pixel-manager.php#L1235
Credits
Athiwat Tiprasaharn