Description
The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.29. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account.
Published: 2026-06-19
Score: 9.8 Critical
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Branda plugin for WordPress contains a flaw that allows an attacker to change any user's password without authentication. Because the password update path does not verify the requester's identity before writing the new password, an unauthenticated attacker can take over administrative accounts and gain full control of the site. The vulnerability is a classic account-takeover flaw, classified as CWE-640 (Weak Password Recovery Mechanism for Forgotten Password).

Affected Systems

WordPress sites running the Branda – White Label & Branding, Free Login Page Customizer plugin at version 3.4.29 or earlier are exposed: every release up to and including 3.4.29 lacks proper user validation on the password update path.

Risk and Exploitability

With a CVSS 3.1 base score of 9.8 (vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), the vulnerability is rated critical. Because the attack requires neither authentication nor user interaction, the exploitation risk is high even though no EPSS score is available yet. Any site still running an affected Branda version can be compromised easily once an attacker can reach the password update endpoint. The vulnerability is not yet listed in the CISA KEV catalog, but its severity and unauthenticated nature warrant immediate attention.

Generated by OpenCVE AI on June 20, 2026 at 00:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Branda plugin to the latest version (3.4.30 or later) where the password update logic validates the user’s identity before changing the password.
  • If an upgrade is not feasible, locate and remove the Branda plugin from the site to eliminate the attack vector.
  • Ensure that user accounts, especially administrators, have strong, unique passwords and consider enabling two-factor authentication to guard against account takeover attempts.

Advisories

No advisories yet.

History

Fri, 19 Jun 2026 23:45:00 +0000

Type | Values Removed | Values Added
Description | | The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.29. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account.
Title | | Branda – White Label & Branding, Free Login Page Customizer <= 3.4.29 - Unauthenticated Privilege Escalation via Account Takeover
Weaknesses | | CWE-640
References | |
Metrics | | cvssV3_1: {'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-06-19T23:29:21.990Z

Reserved: 2026-06-08T05:16:38.024Z

Link: CVE-2026-11551

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-20T00:30:15Z

Weaknesses
  • CWE-640: Weak Password Recovery Mechanism for Forgotten Password