CVE-2024-43303
- EPSS 0.16%
- Veröffentlicht 18.08.2024 21:15:03
- Zuletzt bearbeitet 19.08.2024 12:59:59
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in videousermanuals.Com White Label CMS allows Reflected XSS.This issue affects White Label CMS: from n/a through 2.7.4.
CVE-2024-4280
- EPSS 0.2%
- Veröffentlicht 14.05.2024 15:43:12
- Zuletzt bearbeitet 21.11.2024 09:42:32
The White Label CMS plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the reset_plugin function in all versions up to, and including, 2.7.3. This makes it possible for unauthenticated attacke...
CVE-2012-5387
- EPSS 2.03%
- Veröffentlicht 24.10.2012 17:55:02
- Zuletzt bearbeitet 11.04.2025 00:51:21
Cross-site request forgery (CSRF) vulnerability in wlcms-plugin.php in the White Label CMS plugin before 1.5.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that modify the developer name via the wl...
CVE-2012-5388
- EPSS 0.47%
- Veröffentlicht 24.10.2012 17:55:02
- Zuletzt bearbeitet 11.04.2025 00:51:21
Cross-site scripting (XSS) vulnerability in wlcms-plugin.php in the White Label CMS plugin 1.5 for WordPress allows remote authenticated administrators to inject arbitrary web script or HTML via the wlcms_o_developer_name parameter in a save action t...