cleantalk
Vulnerabilities and Security Researches

Branda – White Label WordPress, Custom Login Page Customizer, CVE-2024-37239

CVE, Research URL

CVE-2024-37239

Home page URL

Security reports for Branda – White Label WordPress, Custom Login Page Customizer

Application

Branda – White Label WordPress, Custom Login Page Customizer

Published on
Jul 22, 2024
Research Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPMU DEV Branda allows Stored XSS.This issue affects Branda: from n/a through 3.4.17.
Affected versions
Min -, max 3.4.18.
Status
vulnerable
Previous vulnerability researches
Branda – White Label WordPress, Custom Login Page Customizer (CVE-2024-5191) , Jun 22, 2024
Branda – White Label WordPress, Custom Login Page Customizer (CVE-2024-37239) , Jul 02, 2024
Branda – White Label WordPress, Custom Login Page Customizer (CVE-2024-6554) , Jul 22, 2024
Branda – White Label WordPress, Custom Login Page Customizer (CVE-2023-51542) , Jun 07, 2024
Branda – White Label WordPress, Custom Login Page Customizer (94d463f85fe79f062f8660ab7b7ce4742d0ce867) , Jun 07, 2024
New vulnerability
Min Max Default Quantity for WooCommerce (CVE-2025-47504) , Jun 09, 2025
The Plus Addons for Elementor (CVE-2025-49076) , Jun 06, 2025
WP Pipes (CVE-2025-48267) , Jun 06, 2025
Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, (CVE-2025-5292) , Jun 06, 2025
Newsletters (CVE-2025-4857) , Jun 06, 2025