WP Clinic
Log in Sign up

PLUGIN SECURITY

Is White Label Cms safe?

Known vulnerabilities, PHP compatibility and safer alternatives for the White Label Cms WordPress plugin — checked against WP Clinic's local security database.

Plugin details

  • Slug: white-label-cms
  • Requires PHP: 5.4+
  • Max supported PHP (analyzed): 8.4

Known vulnerabilities

  • White Label CMS [white-label-cms] < 2.2.9 [CVE-2022-0422, White Label MS <= 2.2.8 - Reflected Cross-Site Scripting, White Label MS &lt; 2.2.9 - Reflected Cross-Site Scripting]
  • White Label CMS [white-label-cms] < 1.5.1 [CVE-2012-5387, WordPress White Label CMS Plugin <= 1.5.0 - CSRF, White Label CMS < 1.5.1 - Reflected Cross-Site Scripting]
  • White Label CMS [white-label-cms] < 1.5.1 [CVE-2012-5388, WordPress White Label CMS Plugin <= 1.5 - XSS, White Label CMS < 1.5.1 - Cross-Site Scripting, White Label CMS - Cross-Site Request Forgery]
  • White Label CMS [white-label-cms] < 1.5.3 [WordPress White Label CMS Plugin <= 1.5.2 - Stored Cross Site Scripting]
  • White Label CMS [white-label-cms] < 2.5 [CVE-2022-4302, White Label CMS <= 2.4 - Authenticated (Administrator+) PHP Object Injection, WordPress White Label CMS Plugin < 2.5 is vulnerable to PHP Object Injection, White Label CMS &lt; 2.5 - Admin+ PHP Object Injection]
+ 5 more known vulnerabilities
  • White Label CMS [white-label-cms] < 1.5.3 [White Label CMS <= 1.5.2 - Cross-Site Request Forgery leading to Stored Cross-Site Scripting]
  • White Label CMS [white-label-cms] < 1.5.3 [White Label CMS &lt;= 1.5.2 - Stored XSS]
  • White Label CMS [white-label-cms] < 2.7.4 [CVE-2024-4280, White Label CMS <= 2.7.3 - Missing Authorization to Plugin Settings Reset, WordPress White Label CMS Plugin <= 2.7.3 is vulnerable to Broken Access Control]
  • White Label CMS [white-label-cms] < 2.7.5 [CVE-2024-43303, WordPress White Label CMS Plugin <= 2.7.4 is vulnerable to Cross Site Scripting (XSS), White Label CMS <= 2.7.4 - Reflected Cross-Site Scripting]
  • White Label CMS [white-label-cms] < 2.7.13 [CVE-2026-11898, White Label CMS <= 2.7.12 - Authenticated (Administrator+) Stored Cross-Site Scripting via Import Settings]

Vulnerabilities are matched against the exact installed version when it's known. Always keep the plugin updated to the latest release.

Safer / more established alternatives

Check your own WordPress site

Run a free passive scan now, or create a free account and install the WP Clinic plugin for a deep scan of your whole hosting account and AI-assisted repair.