Vulnerability Details CVE-2021-24550
The Broken Link Manager WordPress plugin through 0.6.5 does not sanitise, validate or escape the url GET parameter before using it in a SQL statement when retrieving an URL to edit, leading to an authenticated SQL injection issue
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.8%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 6.5
References
Products affected by CVE-2021-24550
-
cpe:2.3:a:broken_link_manager_project:broken_link_manager:-
-
cpe:2.3:a:broken_link_manager_project:broken_link_manager:0.6.5