Lucene search
PcsjjPATCHSTACK:50DFF0E6BBF0C0F8E061AA10C77CEEBCHistoryOct 15, 2012 - 12:00 a.m.
WordPress White Label CMS Plugin <= 1.5.0 - CSRF
2012-10-1500:00:00
pcsjj
patchstack.com
6
EPSS
0.006
Percentile
77.9%
Because of this vulnerability in wlcms-plugin.php, the attackers can hijack the authentication of administrators for requests that modify the developer name via the wlcms_o_developer_name parameter in a save action to wp-admin/admin.php.
Solution
Update the plugin.
Related
prion
prion
Cross site request forgery (csrf)
2012-10-24 17:55:00
Cross site scripting
2012-10-24 17:55:00
cvelist
cvelist
CVE-2012-5387
2012-10-24 10:00:00
CVE-2012-5388
2012-10-24 10:00:00
nvd
nvd
CVE-2012-5387
2012-10-24 17:55:02
CVE-2012-5388
2012-10-24 17:55:02
cve
cve
CVE-2012-5387
2012-10-24 17:55:02
CVE-2012-5388
2012-10-24 17:55:02
packetstorm
packetstorm
White Label CMS 1.5 Cross Site Request Forgery / Cross Site Scripting
2012-10-22 00:00:00
exploitdb
exploitdb
seebug
seebug
White Label CMS 1.5 - CSRF & Persistent XSS
2014-07-01 00:00:00
exploitpack
exploitpack
wpvulndb
wpvulndb
White Label CMS - Cross-Site Request Forgery
2012-10-21 00:00:00
zdt
zdt
White Label CMS v 1.5 CSRF / Persistent XSS
2012-10-21 00:00:00