Vulnerabilities > CVE-2021-24550 - Unspecified vulnerability in Broken Link Manager Project Broken Link Manager 0.6.5

CVSS 7.2 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

broken-link-manager-project

NVD

Published: 2021-08-23

Updated: 2024-11-21

Summary

The Broken Link Manager WordPress plugin through 0.6.5 does not sanitise, validate or escape the url GET parameter before using it in a SQL statement when retrieving an URL to edit, leading to an authenticated SQL injection issue

Vulnerable Configurations

Part	Description	Count
Application	Broken_Link_Manager_Project Broken Link Manager Project Broken Link Manager - Broken Link Manager Project Broken Link Manager 0.6.5	2

References

https://codevigilant.com/disclosure/2021/wp-plugin-broken-link-manager/
https://codevigilant.com/disclosure/2021/wp-plugin-broken-link-manager/
https://wpscan.com/vulnerability/1bf65448-689c-474d-a566-c9b6797d3e4a
https://wpscan.com/vulnerability/1bf65448-689c-474d-a566-c9b6797d3e4a