21 matches found
CVE-2025-12629
The Broken Link Manager WordPress plugin through 0.6.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
EUVD-2025-198619
The Broken Link Manager WordPress plugin through 0.6.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2025-12629
The Broken Link Manager WordPress plugin through 0.6.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2025-12629 Broken Link Manager <= 0.6.5 - Reflected XSS
The Broken Link Manager WordPress plugin through 0.6.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2025-12629
The CVE applies to WordPress plugin Broken Link Manager (versions
WordPress plugin Broken Link Manager 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2025-47886
The Broken Link Manager WordPress plugin through 0.6.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
EUVD-2021-11462
Malware in sbrugna...
CVE-2021-24550
The Broken Link Manager WordPress plugin through 0.6.5 does not sanitise, validate or escape the url GET parameter before using it in a SQL statement when retrieving an URL to edit, leading to an authenticated SQL injection issue...
CVE-2021-24550
The Broken Link Manager WordPress plugin through 0.6.5 does not sanitise, validate or escape the url GET parameter before using it in a SQL statement when retrieving an URL to edit, leading to an authenticated SQL injection issue...
Sql injection
The Broken Link Manager WordPress plugin through 0.6.5 does not sanitise, validate or escape the url GET parameter before using it in a SQL statement when retrieving an URL to edit, leading to an authenticated SQL injection issue...
CVE-2021-24550
CVE-2021-24550 affects the WordPress Broken Link Manager plugin (versions ≤ 0.6.5). The issue arises because the plugin does not sanitize, validate, or escape the url GET parameter before using it in a SQL statement when retrieving the URL to edit, causing an authenticated SQL injection. Root cau...
CVE-2021-24550 Broken Link Manager <= 0.6.5 - Authenticated (admin+) SQL Injection
The Broken Link Manager WordPress plugin through 0.6.5 does not sanitise, validate or escape the url GET parameter before using it in a SQL statement when retrieving an URL to edit, leading to an authenticated SQL injection issue...
Wordpress Plugin Broken Link Manager SQL注入漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an open source application plugin for WordPress. A SQL injection vulnerability exists in Wordpress Plugin Brok...
Broken Link Manager <= 0.6.5 - Authenticated (admin+) SQL Injection
The plugin does not sanitise, validate or escape the url GET parameter before using it in a SQL statement when retrieving an URL to edit, leading to an authenticated SQL injection issue GET...
Broken Link Manager <= 0.6.5 - Authenticated (admin+) SQL Injection
The plugin does not sanitise, validate or escape the url GET parameter before using it in a SQL statement when retrieving an URL to edit, leading to an authenticated SQL injection issue PoC GET...
WordPress Broken Link Manager plugin <= 0.6.5 - Authenticated SQL Injection (SQLi) vulnerability
Authenticated SQL Injection SQLi vulnerability discovered by Shreya Pohekar in WordPress Broken Link Manager plugin versions = 0.6.5. Solution This plugin has been closed as of June 1, 2021 and is not available for download. Reason: Security Issue...
WordPress broken-link-manager plugin SQL injection vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. broken-link-manager is a backlink management plugin used in it. The WordPress broken-link-manager plugin suffers from an SQL injection...
WordPress broken-link-manager plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. broken-link-manager is a backlink management plugin used in it. A cross-site scripting vulnerability exists in the WordPress...
WordPress Broken Link Manager Plugin <= 0.4.5 - SQL Injection
Because of this vulnerability, unauthenticated remote attackers can execute arbitrary SQL commands and inject malicious javascript. Solution Update the plugin...