WordPress Broken Link Manager plugin <= 0.6.5 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Yousof Nahya in WordPress Plugin Broken Link Manager versions = 0.6.5...

CVE-2025-12629

The Broken Link Manager WordPress plugin through 0.6.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

EUVD-2025-198619

The Broken Link Manager WordPress plugin through 0.6.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2025-12629

The Broken Link Manager WordPress plugin through 0.6.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2025-12629 Broken Link Manager <= 0.6.5 - Reflected XSS

The Broken Link Manager WordPress plugin through 0.6.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2025-12629 Broken Link Manager <= 0.6.5 - Reflected XSS

The Broken Link Manager WordPress plugin through 0.6.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2025-12629

The CVE applies to WordPress plugin Broken Link Manager (versions

WordPress plugin Broken Link Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

PT-2025-47886

The Broken Link Manager WordPress plugin through 0.6.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

EUVD-2015-9308

Malware in sbrugna...

EUVD-2021-11462

Malware in sbrugna...

EUVD-2015-9293

Malware in sbrugna...

EUVD-2015-9307

Malware in sbrugna...

CVE-2015-9468

The broken-link-manager plugin 0.4.5 for WordPress has XSS via the page parameter in a delURL action...

CVE-2015-9453

The broken-link-manager plugin before 0.6.0 for WordPress has XSS via the HTTP Referer or User-Agent header to a URL that does not exist...

CVE-2015-9467

The broken-link-manager plugin before 0.5.0 for WordPress has wpslDelURL or wpslEditURL SQL injection via the url parameter...

CVE-2021-24550

The Broken Link Manager WordPress plugin through 0.6.5 does not sanitise, validate or escape the url GET parameter before using it in a SQL statement when retrieving an URL to edit, leading to an authenticated SQL injection issue...

CVE-2021-24550

The Broken Link Manager WordPress plugin through 0.6.5 does not sanitise, validate or escape the url GET parameter before using it in a SQL statement when retrieving an URL to edit, leading to an authenticated SQL injection issue...

Sql injection

The Broken Link Manager WordPress plugin through 0.6.5 does not sanitise, validate or escape the url GET parameter before using it in a SQL statement when retrieving an URL to edit, leading to an authenticated SQL injection issue...

CVE-2021-24550

CVE-2021-24550 affects the WordPress Broken Link Manager plugin (versions ≤ 0.6.5). The issue arises because the plugin does not sanitize, validate, or escape the url GET parameter before using it in a SQL statement when retrieving the URL to edit, causing an authenticated SQL injection. Root cau...