Cross-site scripting (XSS) vulnerability in wlcms-plugin.php in the White Label CMS plugin 1.5 for WordPress allows remote authenticated administrators to inject arbitrary web script or HTML via the. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.
WordPress
PHP
XSS
White Label Cms
NVD
Exploit-DB
CVSS 2.0
3.5
EPSS
0.8%