GCVE - cpe:2.3:a:wpmudev:broken_link_checker:*:*:*:*:*:wordpress:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:wpmudev:broken_link_checker:*:*:*:*:*:wordpress:*:*

part: a version: * update: *

Vendor	Wpmudev (`a4908a28-206b-5801-853a-92926b63e5e8`)
Product	Broken Link Checker (`2ac2a992-8f09-5a4e-96a3-458dd67c852e`)
Edition	*
Language	*
Software edition	*
Target software	wordpress
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/wp-plugins/broken-link-checker`	purl2cpe	2026-06-01 10:13:30.100368
`pkg:github/wpplugins/broken-link-checker`	purl2cpe	2026-06-01 10:13:30.100371

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-28890`	vulnerable	2026-06-03 14:55:26.133286	Details available Forminator prior to 1.29.0 contains an unrestricted upload of file with dangerous type vulnerability. If this vulnerability is exploited, a remote attacker may obtain sensitive information by accessing files on the server, alter the site that uses the plugin, and cause a denial-of-service (DoS) condition. Published: 2024-04-23T04:56:24.799Z Updated: 2024-11-18T21:11:06.673Z Open on db.gcve.eu Reference links https://wordpress.org/plugins/forminator/ https://wpmudev.com/ https://jvn.jp/en/jp/JVN50132400/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-25592`	vulnerable	2026-06-03 14:55:13.744449	WordPress Broken Link Checker plugin <= 2.2.3 - Cross Site Scripting (XSS) vulnerability MEDIUM (5.9) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPMU DEV Broken Link Checker allows Stored XSS.This issue affects Broken Link Checker: from n/a through 2.2.3. Published: 2024-03-15T13:56:02.689Z Updated: 2026-04-28T16:09:12.475Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/broken-link-checker/wordpress-broken-link-checker-plugin-2-2-3-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-10098`	vulnerable	2026-06-03 14:34:38.377800	Broken Link Checker Plugin ui_get_action_links cross site scripting LOW (3.5) A vulnerability was found in Broken Link Checker Plugin up to 1.10.5 on WordPress. It has been rated as problematic. Affected by this issue is the function print_module_list/show_warnings_section_notice/status_text/ui_get_action_links. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 1.10.6 is able to address this issue. The name of the patch is f30638869e281461b87548e40b517738b4350e47. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-225152. Published: 2023-04-08T09:00:06.707Z Updated: 2024-08-06T08:58:26.361Z Open on db.gcve.eu Reference links https://vuldb.com/?id.225152 https://vuldb.com/?ctiid.225152 https://github.com/wp-plugins/broken-link-checker/commit/f30638869e281461b87548e40b517738b4350e47 https://github.com/wp-plugins/broken-link-checker/releases/tag/1.10.6	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Broken Link Checker

PURL mappings

Vulnerability references

Contribute