CVE-2019-16521 - OpenCVE

The broken-link-checker plugin through 1.11.8 for WordPress (aka Broken Link Checker) is susceptible to Reflected XSS due to improper encoding and insertion of an HTTP GET parameter into HTML. The filter function on the page listing all detected broken links can be exploited by providing an XSS payload in the s_filter GET parameter in a filter_id=search request. NOTE: this is an end-of-life product.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Managewp	Broken Link Checker

Configuration 1 [-]

cpe:2.3:a:managewp:broken_link_checker:*:*:*:*:*:wordpress:*:*

References

Link	Resource
http://www.openwall.com/lists/oss-security/2019/10/16/3	Exploit Mailing List Third Party Advisory
https://github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20190913-02_WordPress_Plugin_Broken_Link_Checker	Exploit Third Party Advisory
https://wordpress.org/plugins/broken-link-checker/#developers	Product Third Party Advisory
https://wpvulndb.com/vulnerabilities/9917	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2019-10-16T14:05:40

Updated: 2019-10-16T17:06:37

Reserved: 2019-09-19T00:00:00

Link: CVE-2019-16521

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-10-16T15:15:15.270

Modified: 2019-10-18T20:24:32.450

Link: CVE-2019-16521

JSON object: View

Redhat Information

No data.

CWE

CWE-79

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The broken-link-checker plugin through 1.11.8 for WordPress (aka Broken Link Checker) is susceptible to Reflected XSS due to improper encoding and insertion of an HTTP GET parameter into HTML. The filter function on the page listing all detected broken links can be exploited by providing an XSS payload in the s_filter GET parameter in a filter_id=search request. NOTE: this is an end-of-life product."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-10-16T17:06:37", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://wordpress.org/plugins/broken-link-checker/#developers"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20190913-02_WordPress_Plugin_Broken_Link_Checker"}, {"name": "[oss-security] 20191016 [SBA-ADV-20190913-02] CVE-2019-16521: WordPress Plugin - Broken Link Checker <= 1.11.8 - Reflected XSS", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2019/10/16/3"}, {"tags": ["x_refsource_MISC"], "url": "https://wpvulndb.com/vulnerabilities/9917"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-16521", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The broken-link-checker plugin through 1.11.8 for WordPress (aka Broken Link Checker) is susceptible to Reflected XSS due to improper encoding and insertion of an HTTP GET parameter into HTML. The filter function on the page listing all detected broken links can be exploited by providing an XSS payload in the s_filter GET parameter in a filter_id=search request. NOTE: this is an end-of-life product."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://wordpress.org/plugins/broken-link-checker/#developers", "refsource": "MISC", "url": "https://wordpress.org/plugins/broken-link-checker/#developers"}, {"name": "https://github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20190913-02_WordPress_Plugin_Broken_Link_Checker", "refsource": "MISC", "url": "https://github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20190913-02_WordPress_Plugin_Broken_Link_Checker"}, {"name": "[oss-security] 20191016 [SBA-ADV-20190913-02] CVE-2019-16521: WordPress Plugin - Broken Link Checker <= 1.11.8 - Reflected XSS", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2019/10/16/3"}, {"name": "https://wpvulndb.com/vulnerabilities/9917", "refsource": "MISC", "url": "https://wpvulndb.com/vulnerabilities/9917"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-16521", "datePublished": "2019-10-16T14:05:40", "dateReserved": "2019-09-19T00:00:00", "dateUpdated": "2019-10-16T17:06:37", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:managewp:broken_link_checker:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "6A8A4C2E-2795-4373-AE4A-08FEB13A87A3", "versionEndIncluding": "1.11.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The broken-link-checker plugin through 1.11.8 for WordPress (aka Broken Link Checker) is susceptible to Reflected XSS due to improper encoding and insertion of an HTTP GET parameter into HTML. The filter function on the page listing all detected broken links can be exploited by providing an XSS payload in the s_filter GET parameter in a filter_id=search request. NOTE: this is an end-of-life product."}, {"lang": "es", "value": "El plugin broken-link-checker versiones hasta 1.11.8 para WordPress (tambi\u00e9n se conoce como Broken Link Checker), es susceptible a una vulnerabilidad de tipo XSS reflejado debido a la codificaci\u00f3n e inserci\u00f3n inapropiada de un par\u00e1metro GET HTTP en HTML. La funci\u00f3n filter en la p\u00e1gina que enumera todos los enlaces rotos detectados puede ser explotada proporcionando una carga \u00fatil XSS en el par\u00e1metro GET de s_filter en una petici\u00f3n filter_id=search. NOTA: este es un producto al final de su vida \u00fatil."}], "id": "CVE-2019-16521", "lastModified": "2019-10-18T20:24:32.450", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-10-16T15:15:15.270", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2019/10/16/3"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20190913-02_WordPress_Plugin_Broken_Link_Checker"}, {"source": "cve@mitre.org", "tags": ["Product", "Third Party Advisory"], "url": "https://wordpress.org/plugins/broken-link-checker/#developers"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://wpvulndb.com/vulnerabilities/9917"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}