10 matches found
π WordPress Branda 3.4.24 Privilege Escalation
The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.24. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to...
WordPress Branda β White Label & Branding, Custom Login Page Customizer plugin <= 3.4.19 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Branda versions = 3.4.21...
WordPress plugin Branda θ·¨η«θζ¬ζΌζ΄
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...
WordPress Branda β White Label WordPress, Custom Login Page Customizer plugin <= 3.4.18 - Unauthenticated Full Path Disclosure vulnerability
Unauthenticated Full Path Disclosure vulnerability discovered by stealthcopter in WordPress Plugin Branda versions = 3.4.18...
WordPress Branda Plugin <= 3.4.18 is vulnerable to Full Path Disclosure (FPD)
Software Branda Type Plugin Vulnerable versions = 3.4.18 Fixed in 3.4.19 OWASP Top 10 A5: Security Misconfiguration Classification Full Path Disclosure FPD CVE CVE-2024-6554 Patch priority Low CVSS severity Low 5.3 Developer WPMU DEV PSID 85b623e615a7 Credits stealthcopter Required privilege...
WordPress plugin Branda security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress Branda plugin <= 3.4.17 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Fulan Engineering Patchstack Alliance in WordPress Plugin Branda versions = 3.4.17...
WordPress Branda Plugin <= 3.4.17 is vulnerable to Cross Site Scripting (XSS)
Software Branda Type Plugin Vulnerable versions = 3.4.17 Fixed in 3.4.18 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37239 Patch priority Low CVSS severity Low 5.9 Developer WPMU DEV PSID c46fde0b0815 Credits Fulan Engineering Required privilege Administrator...
WordPress Branda plugin <= 3.4.17 - Authenticated Stored Cross-Site Scripting via SVG Upload vulnerability
Authenticated Stored Cross-Site Scripting via SVG Upload vulnerability discovered by wesley wcraft in WordPress Plugin Branda versions = 3.4.17...
WordPress Branda Plugin <= 3.4.8.1 is vulnerable to Cross Site Scripting (XSS)
Software Branda Type Plugin Vulnerable versions = 3.4.8.1 Fixed in 3.4.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority Low CVSS severity Low 5.9 Developer WPMU DEV PSID a80ca4d3559a Credits Unknown Required privilege Administrator Publish...