Broken Link Checker@* Security Vulnerabilities and Issues — Broken Link Checker@* CVE List

Lucene search

Broken Link Checker ProjectBroken Link Checker*

3 matches found

CVE•added 2022/12/28 11:15 a.m.•54 views

CVE-2022-3922

The Broken Link Checker WordPress plugin before 1.11.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

4.8CVSS4.7AI score0.00102EPSS

CVE•added 2024/12/26 6:15 a.m.•53 views

CVE-2024-10903

The Broken Link Checker WordPress plugin before 2.4.2 does not validate a the link URLs before making a request to them, which could allow admin users to perform SSRF attack, for example on a multisite installation.

4.7CVSS6.5AI score0.00079EPSS

CVE•added 2017/08/18 6:29 p.m.•27 views

CVE-2015-5057

Cross-site scripting (XSS) vulnerability exists in the Wordpress admin panel when the Broken Link Checker plugin before 1.10.9 is installed.

6.1CVSS6AI score0.00295EPSS