CVE-2014-125105

Name of the Vulnerable Software and Affected Versions Broken Link Checker Plugin versions up to 1.10.1

Description A vulnerability was found in the Broken Link Checker Plugin. It affects the function options page of the file core/core.php of the component Settings Page. The manipulation of the argument exclusion list/blc custom fields leads to cross-site scripting. The attack can be launched remotely.

Recommendations For Broken Link Checker Plugin versions up to 1.10.1, upgrade to version 1.10.2 to address this issue. As a temporary workaround, consider restricting access to the options page function of the Settings Page component until the upgrade is applied.