Vulnerabilities > Managewp > Broken Link Checker > 1.11.15

DATE CVE VULNERABILITY TITLE RISK
2023-10-12 CVE-2023-23737 Unspecified vulnerability in Managewp Broken Link Checker
Unauth.
network
low complexity
managewp
critical
 9.8
9.8
2022-12-28 CVE-2022-3922 Cross-site Scripting vulnerability in Managewp Broken Link Checker
The Broken Link Checker WordPress plugin before 1.11.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
network
low complexity
managewp CWE-79
4.8
4.8
2022-09-06 CVE-2022-2438 Deserialization of Untrusted Data vulnerability in Managewp Broken Link Checker
The Broken Link Checker plugin for WordPress is vulnerable to deserialization of untrusted input via the '$log_file' value in versions up to, and including 1.11.16.
network
low complexity
managewp CWE-502
7.2
7.2