27 matches found
WordPress Broken Link Notifier < 1.3.1 - Unauthenticated SSRF
The Broken Link Notifier plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.3.0 via the ajaxblinks function which ultimately calls the checkurlstatuscode function. This makes it possible for unauthenticated attackers to make web requests to...
CVE-2026-25408
Missing Authorization vulnerability in PluginRx Broken Link Notifier broken-link-notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broken Link Notifier: from n/a through = 1.3.5...
CVE-2026-25408
Missing Authorization vulnerability in PluginRx Broken Link Notifier broken-link-notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broken Link Notifier: from n/a through = 1.3.5...
CVE-2026-25408
CVE-2026-25408: A Missing Authorization vulnerability in WordPress Broken Link Notifier (plugin broken-link-notifier) affects versions
CVE-2026-25408 WordPress Broken Link Notifier plugin <= 1.3.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in PluginRx Broken Link Notifier broken-link-notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broken Link Notifier: from n/a through = 1.3.5...
CVE-2026-25408
Missing Authorization vulnerability in PluginRx Broken Link Notifier broken-link-notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broken Link Notifier: from n/a through = 1.3.5...
CVE-2026-25408 WordPress Broken Link Notifier plugin <= 1.3.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in PluginRx Broken Link Notifier broken-link-notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broken Link Notifier: from n/a through = 1.3.5...
WordPress plugin Broken Link Notifier 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-20733
Missing Authorization vulnerability in PluginRx Broken Link Notifier broken-link-notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broken Link Notifier: from n/a through = 1.3.5...
WordPress Broken Link Notifier plugin <= 1.3.5 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Broken Link Notifier versions = 1.3.5...
EUVD-2025-21125
Malicious code in bioql PyPI...
WordPress Broken Link Notifier plugin code execution vulnerability
WordPress Broken Link Notifier plugin is a plugin for monitoring broken links e.g. 404 errors, timeout links, etc. within a website. A code execution vulnerability exists in the WordPress Broken Link Notifier plugin that stems from the possibility of embedding malicious input when exporting CSV...
CVE-2025-6838
The Broken Link Notifier plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 1.3.0 via broken links that are later exported. This makes it possible for authenticated attackers, with Contributor-level access and above, to embed untrusted input into exported CS...
CVE-2025-6838
The Broken Link Notifier plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 1.3.0 via broken links that are later exported. This makes it possible for authenticated attackers, with Contributor-level access and above, to embed untrusted input into exported CS...
CVE-2025-6851
The Broken Link Notifier plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.3.0 via the ajaxblinks function which ultimately calls the checkurlstatuscode function. This makes it possible for unauthenticated attackers to make web requests to...
CVE-2025-6851
The Broken Link Notifier plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.3.0 via the ajaxblinks function which ultimately calls the checkurlstatuscode function. This makes it possible for unauthenticated attackers to make web requests to...
CVE-2025-6838 Broken Link Notifier <= 1.3.0 - Authenticated (Contributor+) CSV Injection
The Broken Link Notifier plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 1.3.0 via broken links that are later exported. This makes it possible for authenticated attackers, with Contributor-level access and above, to embed untrusted input into exported CS...
CVE-2025-6838
CVE-2025-6838 affects WordPress Broken Link Notifier plugin up to and including 1.3.0. The vulnerability arises from CSV injection via broken links exported to CSV, enabling authenticated attackers with Contributor-level access or higher to embed untrusted input that can lead to code execution on...
CVE-2025-6851 Broken Link Notifier <= 1.3.0 - Unauthenticated Server-Side Request Forgery
The Broken Link Notifier plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.3.0 via the ajaxblinks function which ultimately calls the checkurlstatuscode function. This makes it possible for unauthenticated attackers to make web requests to...
CVE-2025-6851
The CVE-2025-6851 entry concerns the WordPress Broken Link Notifier plugin. Affected are versions up to and including 1.3.0, where the ajax_blinks() path ultimately calls check_url_status_code(), allowing unauthenticated SSRF from the web application to reach arbitrary external or internal locati...