MEDIUM
videousermanuals
CVE published 2026-07-11
CVE-2026-11898
The White Label CMS plugin for WordPress has a Stored Cross-Site Scripting vulnerability via admin settings in all versions up to, and including, 2.7.12. This is due to insufficient input sanitization and output escaping. Authenticated attackers with administrator-level permissions can inject web scripts that execute when a user accesses an injected page. This affects multi-site installations and installa [truncated]