Branda Security Vulnerabilities and Issues — Branda CVE List

Lucene search

WpmudevBranda

4 matches found

CVE•added 2024/07/22 10:15 a.m.•40 views

CVE-2024-37239

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPMU DEV Branda allows Stored XSS.This issue affects Branda: from n/a through 3.4.17.

5.9CVSS5.8AI score0.00067EPSS

CVE•added 2024/06/04 1:15 p.m.•38 views

CVE-2023-51542

Authentication Bypass by Spoofing vulnerability in WPMU DEV Branda allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Branda: from n/a through 3.4.14.

5.3CVSS5.3AI score0.00082EPSS

CVE•added 2024/07/11 4:15 a.m.•38 views

CVE-2024-6554

The Branda – White Label WordPress, Custom Login Page Customizer plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.4.18. This is due the plugin utilizing composer without preventing direct access to the files. This makes it possible for unauthenticat...

5.3CVSS5.5AI score0.0069EPSS

CVE•added 2024/06/21 7:15 a.m.•36 views

CVE-2024-5191

The Branda – White Label WordPress, Custom Login Page Customizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘mime_types’ parameter in all versions up to, and including, 3.4.17 due to insufficient input sanitization and output escaping. This makes it possible for authe...

6.4CVSS5.5AI score0.00074EPSS