WordPress Branda - White Label & Branding, Free Login Page Customizer plugin <= 3.4.29 - Unauthenticated Privilege Escalation via Account Takeover vulnerability

WordPress Branda - White Label & Branding, Free Login Page Customizer plugin = 3.4.29 - Unauthenticated Privilege Escalation via Account Takeover vulnerability discovered by thevietronin - GalaxyOne in WordPress Plugin Branda versions = 3.4.29...

EUVD-2026-38097

The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.29. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to...

CVE-2026-11551

The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.29. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to...

CVE-2026-11551 Branda – White Label & Branding, Free Login Page Customizer <= 3.4.29 - Unauthenticated Privilege Escalation via Account Takeover

The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.29. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to...

CVE-2026-11551

CVE-2026-11551 affects the Branda – White Label & Branding, Free Login Page Customizer WordPress plugin (

PT-2026-51041

Name of the Vulnerable Software and Affected Versions Branda plugin for WordPress versions prior to 3.4.30 Description The plugin is susceptible to privilege escalation through account takeover. This occurs because the software fails to properly validate a user's identity before updating a...

📄 WordPress Branda 3.4.24 Privilege Escalation

The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.24. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to...

CVE-2025-14998

The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.24. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to...

WordPress Branda - White Label & Branding, Free Login Page Customizer plugin <= 3.4.24 - Unauthenticated Privilege Escalation via Account Takeover vulnerability

WordPress Branda - White Label & Branding, Free Login Page Customizer plugin = 3.4.24 - Unauthenticated Privilege Escalation via Account Takeover vulnerability discovered by Drew Webber mcdruid in WordPress Plugin Branda versions = 3.4.24...

CVE-2025-14998

The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.24. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to...

CVE-2025-14998 Branda – White Label & Branding, Free Login Page Customizer <= 3.4.24 - Unauthenticated Privilege Escalation via Account Takeover

The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.24. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to...

CVE-2025-14998 Branda – White Label & Branding, Free Login Page Customizer <= 3.4.24 - Unauthenticated Privilege Escalation via Account Takeover

The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.24. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to...

CVE-2025-14998

The Branda plugin for WordPress is affected by CVE-2025-14998: versions through 3.4.24 are vulnerable to unauthenticated privilege escalation via account takeover because the plugin does not properly validate a user’s identity before updating passwords. This allows an attacker to change arbitrary...

WordPress plugin Branda 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2026-1041

Name of the Vulnerable Software and Affected Versions Branda plugin for WordPress versions through 3.4.24 Description The Branda plugin for WordPress is susceptible to privilege escalation through account takeover. This occurs because the plugin does not correctly verify a user’s identity before...

VulnCheck KEV: CVE-2025-14998

The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.24. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to...

EUVD-2024-50306

Malicious code in bioql PyPI...

EUVD-2023-56254

Malicious code in bioql PyPI...

EUVD-2024-47627

Malicious code in bioql PyPI...

EUVD-2024-46434

Malicious code in bioql PyPI...