White Label CMS, CVE-2022-0422
- CVE, Research URL
- Home page URL
- Application
- Published on
- Mar 07, 2022
- Research Description
- The White Label CMS WordPress plugin before 2.2.9 does not sanitise and validate the wlcms[_login_custom_js] parameter before outputting it back in the response while previewing, leading to a Reflected Cross-Site Scripting issue
- Affected versions
-
Min -, max 2.2.9.
- Status
-
vulnerable