Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Branda – White Label WordPress, Custom Login Page Customizer 3.4.8.1

  • Severity: medium-risk
  • Status: Fixed
  • Publication: March 16, 2023

The Branda plugin for WordPress is vulnerable to a type of attack called Stored Cross-Site Scripting. This type of attack can allow an attacker with administrator-level permissions to inject malicious code into web pages. This code will execute whenever an unsuspecting user visits one of these infected pages. This vulnerability affects WordPress versions up to and including 3.4.8.1, however it only affects multi-site installations or installations where a certain security feature has been disabled.

Detected in:

Branda – Branda – White Label & Branding, Custom Login Page Customizer fixed vulnerable versions:
Branda – White Label & Branding, Custom Login Page Customizer fixed vulnerable versions:
Branda – White Label & Branding, Free Login Page Customizer fixed vulnerable versions:
Branda – White Label WordPress, Custom Login Page Customizer fixed vulnerable versions: >= * <= 3.4.8.1

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.