White Label CMS 1.5 - CSRF & Persistent XSS

No description provided by source. Exploit Title: White Label CMS v 1.5 CSRF w/ persistent XSS Date: 21/10/2012 Exploit Author: pcsjj Vendor Homepage: http://www.videousermanuals.com/white-label-cms/ Version: 1.5 Software Link: http://plugins.svn.wordpress.org/white-label-cms/branches/ Downloads:...

Cross site scripting

Cross-site scripting XSS vulnerability in wlcms-plugin.php in the White Label CMS plugin 1.5 for WordPress allows remote authenticated administrators to inject arbitrary web script or HTML via the wlcmsodevelopername parameter in a save action to wp-admin/admin.php, a related issue to CVE-2012-53...

CVE-2012-5387

The CVE-2012-5387 entry refers to a CSRF vulnerability in the White Label CMS WordPress plugin (wlcms-plugin.php) before version 1.5.1. The underlying flaw allows remote attackers to hijack administrator authentication by submitting a request to wp-admin/admin.php with the wlcms_o_developer_name ...

White Label CMS 1.5 Cross Site Request Forgery / Cross Site Scripting

Exploit Title: White Label CMS v 1.5 CSRF w/ persistent XSS Date: 21/10/2012 Exploit Author: pcsjj Vendor Homepage: http://www.videousermanuals.com/white-label-cms/ Version: 1.5 Software Link: http://plugins.svn.wordpress.org/white-label-cms/branches/ Downloads: 110,313 CVE : CVE-2012-5387 CSRF,...

White Label CMS v 1.5 CSRF / Persistent XSS

CVE : CVE-2012-5387 CSRF, CVE-2012-5388 XSS Exploit Title: White Label CMS v 1.5 CSRF w/ persistent XSS Date: 21/10/2012 Exploit Author: pcsjj Vendor Homepage: http://www.videousermanuals.com/white-label-cms/ Version: 1.5 Software Link: http://plugins.svn.wordpress.org/white-label-cms/branches/...