Cross-Site Scripting Vulnerability in White Label CMS Plugin for WordPress
CVE-2012-5388

Currently unrated

Key Information:

Vendor

Wordpress
Status
White-label-cms
Vendor
CVE Published:
24 October 2012

What is CVE-2012-5388?

The vulnerability in the White Label CMS plugin for WordPress allows authenticated administrators to exploit Cross-Site Scripting (XSS) due to improper handling of the 'wlcms_o_developer_name' parameter. This exploitation occurs during a save action to the wp-admin/admin.php file, enabling remote attackers to inject arbitrary scripts or HTML. The vulnerability poses a risk to websites utilizing this plugin, making it essential for administrators to implement appropriate security measures.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.exploit-db.com/exploits/22156/
exploitx_refsource_EXPLOIT-DB
http://wordpress.org/extend/plugins/white-label-cms/chang...
x_refsource_MISC
http://www.securityfocus.com/bid/56166
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.