CVE-2015-9453
The CVE concerns the WordPress Broken Link Manager plugin, affected versions before 0.6.0. Root cause: the plugin does not properly validate or sanitize input via HTTP Referer or User‑Agent headers when requests target a non-existent URL, enabling cross‑site scripting. Impact: attacker can inject...