A vulnerability has been found in White Label CMS, up to version 1.5.2. The vulnerability makes it possible to inject malicious code into websites, by tricking a site administrator into clicking a specially crafted URL. A fix has been released with version 1.5.3.
We have attempted to push an update to all websites on VaultPress with this plugin, upgrading them to 1.5.3. However, we were unable to update some websites due to permission issues.
We will email all site owners who we were unable to upgrade, recommending that they update their site as soon as possible.
As always, drop us a line if you have any questions!