54 matches found
๐ WordPress Branda 3.4.24 Privilege Escalation
The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.24. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to...
CVE-2025-14998
The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.24. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to...
WordPress Branda - White Label & Branding, Free Login Page Customizer plugin <= 3.4.24 - Unauthenticated Privilege Escalation via Account Takeover vulnerability
WordPress Branda - White Label & Branding, Free Login Page Customizer plugin = 3.4.24 - Unauthenticated Privilege Escalation via Account Takeover vulnerability discovered by Drew Webber mcdruid in WordPress Plugin Branda versions = 3.4.24...
CVE-2025-14998
The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.24. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to...
CVE-2025-14998 Branda โ White Label & Branding, Free Login Page Customizer <= 3.4.24 - Unauthenticated Privilege Escalation via Account Takeover
The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.24. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to...
CVE-2025-14998
The Branda plugin for WordPress is affected by CVE-2025-14998: versions through 3.4.24 are vulnerable to unauthenticated privilege escalation via account takeover because the plugin does not properly validate a userโs identity before updating passwords. This allows an attacker to change arbitrary...
CVE-2025-14998 Branda โ White Label & Branding, Free Login Page Customizer <= 3.4.24 - Unauthenticated Privilege Escalation via Account Takeover
The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.24. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to...
VulnCheck KEV: CVE-2025-14998
The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.24. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to...
WordPress plugin Branda ๅฎๅ จๆผๆด
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
PT-2026-1041
Name of the Vulnerable Software and Affected Versions Branda plugin for WordPress versions through 3.4.24 Description The Branda plugin for WordPress is susceptible to privilege escalation through account takeover. This occurs because the plugin does not correctly verify a userโs identity before...
EUVD-2024-47627
Malicious code in bioql PyPI...
EUVD-2024-46434
Malicious code in bioql PyPI...
EUVD-2023-56254
Malicious code in bioql PyPI...
EUVD-2024-36523
Malicious code in bioql PyPI...
EUVD-2024-50306
Malicious code in bioql PyPI...
CVE-2024-9371
The Branda โ White Label & Branding, Custom Login Page Customizer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of removequeryarg without appropriate escaping on the URL in all versions up to, and including, 3.4.19. This makes it possible for unauthenticated...
CVE-2024-6554
The Branda โ White Label WordPress, Custom Login Page Customizer plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.4.18. This is due the plugin utilizing composer without preventing direct access to the files. This makes it possible for...
CVE-2024-37239
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPMU DEV - Your All-in-One WordPress Platform Branda branda-white-labeling.This issue affects Branda: from n/a through = 3.4.17...
CVE-2023-51542
Authentication Bypass by Spoofing vulnerability in WPMU DEV Branda allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Branda: from n/a through 3.4.14...
WordPress Branda โ White Label & Branding, Custom Login Page Customizer plugin <= 3.4.19 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Branda versions = 3.4.21...