cleantalk
Vulnerabilities and Security Researches

Branda – White Label WordPress, Custom Login Page Customizer, 94d463f85fe79f062f8660ab7b7ce4742d0ce867

CVE, Research URL

94d463f85fe79f062f8660ab7b7ce4742d0ce867

Home page URL

Security reports for Branda – White Label WordPress, Custom Login Page Customizer

Application

Branda – White Label WordPress, Custom Login Page Customizer

Published on
Mar 20, 2023
Research Description
Branda – White Label &amp; Branding, Free Login Page Customizer [branda-white-labeling] < 3.4.9 WordPress Branda Plugin <= 3.4.8.1 is vulnerable to Cross Site Scripting (XSS) Update the WordPress Branda plugin to the latest available version (at least 3.4.9). Unknown discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Branda Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 3.4.9.
Affected versions
max 3.4.9.
Status
vulnerable
Previous vulnerability researches
Branda – White Label WordPress, Custom Login Page Customizer (CVE-2024-5191) , Jun 22, 2024
Branda – White Label WordPress, Custom Login Page Customizer (CVE-2024-37239) , Jul 02, 2024
Branda – White Label WordPress, Custom Login Page Customizer (CVE-2024-6554) , Jul 22, 2024
Branda – White Label WordPress, Custom Login Page Customizer (CVE-2025-14998) , Jan 11, 2026
Branda – White Label WordPress, Custom Login Page Customizer (CVE-2023-51542) , Jun 07, 2024
New vulnerability
Pure WC Variation Swatches (CVE-2025-12820) , Jan 11, 2026
WP Scraper (CVE-2025-62088) , Jan 11, 2026
Chat Widget: Customer Support Button with SMS Call Button, Click to Chat Messenger Live Chat Support Chat Button &#8211; Bit As (CVE-2025-68596) , Jan 11, 2026
Free Follow-Up Emails &amp; Marketing Automation for WooCommerce &#8211; ShopMagic (CVE-2025-69093) , Jan 11, 2026
SALESmanago (CVE-2025-68571) , Jan 11, 2026