Wpmudev Branda – White Label & Branding, Free Login Page Customizer
5 CVEs affecting Wpmudev Branda – White Label & Branding, Free Login Page Customizer. Latest disclosed: 2026-06-20. Critical: 2, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-11551 | Critical | 9.8 | 2026-06-20 | The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.29. This is due to the plu… |
CVE-2025-14998 | Critical | 9.8 | 2026-01-02 | The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.24. This is due to the plu… |
CVE-2024-5191 | Medium | 6.4 | 2024-06-21 | The Branda – White Label WordPress, Custom Login Page Customizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘mime_types’ paramet… |
CVE-2024-9371 | Medium | 6.1 | 2024-11-21 | The Branda – White Label & Branding, Custom Login Page Customizer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of remove… |
CVE-2024-6554 | Medium | 5.3 | 2024-07-11 | The Branda – White Label WordPress, Custom Login Page Customizer plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and includin… |