Cross-Site Scripting Vulnerability in White Label CMS Plugin for WordPress
CVE-2012-5388
Currently unrated
Summary
The vulnerability in the White Label CMS plugin for WordPress allows authenticated administrators to exploit Cross-Site Scripting (XSS) due to improper handling of the 'wlcms_o_developer_name' parameter. This exploitation occurs during a save action to the wp-admin/admin.php file, enabling remote attackers to inject arbitrary scripts or HTML. The vulnerability poses a risk to websites utilizing this plugin, making it essential for administrators to implement appropriate security measures.
References
Timeline
Vulnerability published
Vulnerability Reserved