Thanks to PCSJJ for pointing out a minor security vulnerability in the current version of the White Label CMS plugin.
The plugin has been updated to correct the issue and version 1.5.1 is now available from the WordPress plugin repository. Get it here.
In a nutshell, the issue was that if you were logged in as an admin you could add malicious code to the “developer link” in the footer of the dashboard which could effect other admins.
We added nonce to the form and it is now secure.