4 matches found
CVE-2022-0422
The White Label CMS WordPress plugin before 2.2.9 does not sanitise and validate the wlcmslogincustomjs parameter before outputting it back in the response while previewing, leading to a Reflected Cross-Site Scripting issue...
CVE-2022-0422
The White Label CMS WordPress plugin before 2.2.9 does not sanitise and validate the wlcmslogincustomjs parameter before outputting it back in the response while previewing, leading to a Reflected Cross-Site Scripting issue...
CVE-2022-0422 White Label MS < 2.2.9 - Reflected Cross-Site Scripting
The White Label CMS WordPress plugin before 2.2.9 does not sanitise and validate the wlcmslogincustomjs parameter before outputting it back in the response while previewing, leading to a Reflected Cross-Site Scripting issue...
CVE-2022-0422
CVE-2022-0422 affects WordPress White Label CMS Plugin prior to 2.2.9. The vulnerability is a reflected Cross-Site Scripting flaw caused by insufficient sanitization/validation of the wlcms[_login_custom_js] parameter during preview, enabling execution of arbitrary JavaScript in the victim’s brow...