Vulnerabilities > Managewp > Broken Link Checker > 0.5.18

DATE CVE VULNERABILITY TITLE RISK
2023-10-12 CVE-2023-23737 SQL Injection vulnerability in Managewp Broken Link Checker
Unauth.
network
low complexity
managewp CWE-89
critical
9.8
2023-06-05 CVE-2014-125105 Cross-site Scripting vulnerability in Managewp Broken Link Checker
A vulnerability was found in Broken Link Checker Plugin up to 1.10.1 on WordPress.
network
low complexity
managewp CWE-79
6.1
2022-12-28 CVE-2022-3922 Cross-site Scripting vulnerability in Managewp Broken Link Checker
The Broken Link Checker WordPress plugin before 1.11.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
network
low complexity
managewp CWE-79
4.8
2022-09-06 CVE-2022-2438 Deserialization of Untrusted Data vulnerability in Managewp Broken Link Checker
The Broken Link Checker plugin for WordPress is vulnerable to deserialization of untrusted input via the '$log_file' value in versions up to, and including 1.11.16.
network
low complexity
managewp CWE-502
7.2
2019-10-18 CVE-2019-17207 Cross-site Scripting vulnerability in Managewp Broken Link Checker
A reflected XSS vulnerability was found in includes/admin/table-printer.php in the broken-link-checker (aka Broken Link Checker) plugin 1.11.8 for WordPress.
network
managewp CWE-79
3.5
2019-10-16 CVE-2019-16521 Cross-site Scripting vulnerability in Managewp Broken Link Checker
The broken-link-checker plugin through 1.11.8 for WordPress (aka Broken Link Checker) is susceptible to Reflected XSS due to improper encoding and insertion of an HTTP GET parameter into HTML.
network
managewp CWE-79
4.3