This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor K-78 First view 2019-10-07
Product Broken Link Manager Last view 2019-10-10
Version Type
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:k-78:broken_link_manager:0.4.5:*:*:*:*:wordpress:*:* 3
cpe:2.3:a:k-78:broken_link_manager:*:*:*:*:*:wordpress:*:* 2

Related : CVE

  Date Alert Description
6.1 2019-10-10 CVE-2015-9468

The broken-link-manager plugin 0.4.5 for WordPress has XSS via the page parameter in a delURL action.

9.8 2019-10-10 CVE-2015-9467

The broken-link-manager plugin before 0.5.0 for WordPress has wpslDelURL or wpslEditURL SQL injection via the url parameter.

6.1 2019-10-07 CVE-2015-9453

The broken-link-manager plugin before 0.6.0 for WordPress has XSS via the HTTP Referer or User-Agent header to a URL that does not exist.

CWE : Common Weakness Enumeration

%idName
66% (2) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
33% (1) CWE-89 Improper Sanitization of Special Elements used in an SQL Command ('...