cleantalk
Vulnerabilities and Security Researches

White Label CMS, CVE-2022-0422

CVE, Research URL

CVE-2022-0422

Application

White Label CMS

Published on
Mar 07, 2022
Research Description
The White Label CMS WordPress plugin before 2.2.9 does not sanitise and validate the wlcms[_login_custom_js] parameter before outputting it back in the response while previewing, leading to a Reflected Cross-Site Scripting issue
Affected versions
Min -, max 2.2.9.
Status
vulnerable