Carlos Flores

**Name of the Vulnerable Software and Affected Versions** Broken Link Checker WordPress plugin versions prior to 2.4.2 **Description** The issue arises from the plugin's failure to validate link URLs before making requests to them. This could allow admin users to perform Server-Side Request Forgery (SSRF) attacks, particularly in multisite installations. SSRF is a type of attack where an attacker can trick a server into making requests to internal or external resources, potentially leading to unauthorized access or data exposure. **Recommendations** For versions prior to 2.4.2, update to version 2.4.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of the Broken Link Checker plugin in multisite installations until the update is applied. Additionally, restrict access to the plugin's functionality for non-admin users to minimize the risk of exploitation.