CVE-2024-6625

The WP Total Branding – Complete branding solution for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

CVE-2024-6625

CVE-2024-6625 concerns the WP Total Branding – Complete branding solution for WordPress plugin. The vulnerability is a Stored Cross-Site Scripting (XSS) flaw in admin settings present in all versions up to 1.2, caused by insufficient input sanitization and output escaping. Attack requires authent...

WordPress WP Total Branding plugin <= 1.2 - Authenticated (Administrator+) Stored Cross-Site Scripting via title Parameter vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting via title Parameter vulnerability discovered by Artem Polynko Artem Polynko in WordPress Plugin WP Total Branding versions = 1.2...

WordPress plugin WP Total Branding security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress WP Total Branding Plugin <= 1.2 is vulnerable to Cross Site Scripting (XSS)

Software WP Total Branding Type Plugin Vulnerable versions = 1.2 Fixed in 1.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6625 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID a7d5303cf6ee Credits Artem Polynko Artem Polynk...