{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-4047", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-04-28T19:30:54.272Z", "datePublished": "2025-06-03T02:27:34.395Z", "dateUpdated": "2026-04-08T16:45:31.920Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:45:31.920Z"}, "affected": [{"vendor": "wpmudev", "product": "Broken Link Checker", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.4.4", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Broken Link Checker plugin for WordPress is vulnerable to unauthorized data access due to a missing capability check on the ajax_full_status and ajax_dashboard_status functions in all versions up to, and including, 2.4.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view the plugin's status."}], "title": "Broken Link Checker <= 2.4.4 - Missing Autorization to Authenticated (Subscriber+) Plugin Status Dashboard View", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/33ac910c-9531-45ea-84cf-1d379233f7d3?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/broken-link-checker/tags/2.4.2/legacy/core/core.php#L3272"}, {"url": "https://plugins.trac.wordpress.org/changeset/3294992/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization", "cweId": "CWE-862", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "anhchangmutrang"}], "timeline": [{"time": "2025-06-02T14:22:12.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-03T14:51:48.745090Z", "id": "CVE-2025-4047", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-03T14:52:04.159Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-4047", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-06-03T14:51:48.745090Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-03T14:51:56.452Z"}}], "cna": {"title": "Broken Link Checker <= 2.4.4 - Missing Autorization to Authenticated (Subscriber+) Plugin Status Dashboard View", "credits": [{"lang": "en", "type": "finder", "value": "anhchangmutrang"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}}], "affected": [{"vendor": "wpmudev", "product": "Broken Link Checker", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "2.4.4"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-06-02T14:22:12.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/33ac910c-9531-45ea-84cf-1d379233f7d3?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/broken-link-checker/tags/2.4.2/legacy/core/core.php#L3272"}, {"url": "https://plugins.trac.wordpress.org/changeset/3294992/"}], "descriptions": [{"lang": "en", "value": "The Broken Link Checker plugin for WordPress is vulnerable to unauthorized data access due to a missing capability check on the ajax_full_status and ajax_dashboard_status functions in all versions up to, and including, 2.4.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view the plugin's status."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:45:31.920Z"}}}, "cveMetadata": {"cveId": "CVE-2025-4047", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:45:31.920Z", "dateReserved": "2025-04-28T19:30:54.272Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-06-03T02:27:34.395Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Broken Link Checker plugin for WordPress is vulnerable to unauthorized data access due to a missing capability check on the ajax_full_status and ajax_dashboard_status functions in all versions up to, and including, 2.4.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view the plugin's status."}, {"lang": "es", "value": "El complemento Broken Link Checker para WordPress es vulnerable al acceso no autorizado a datos debido a la falta de comprobaci\u00f3n de las funciones ajax_full_status y ajax_dashboard_status en todas las versiones hasta la 2.4.4 incluida. Esto permite que atacantes autenticados, con acceso de suscriptor o superior, vean el estado del complemento."}], "id": "CVE-2025-4047", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-06-03T03:15:27.910", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/broken-link-checker/tags/2.4.2/legacy/core/core.php#L3272"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3294992/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/33ac910c-9531-45ea-84cf-1d379233f7d3?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T20:31:06.134972+00:00", "value": {"mitigation_remediation": ["Upgrade the Broken Link Checker plugin to version 2.4.5 or newer to incorporate the missing capability check. ", "If an immediate upgrade is not feasible, block or delete the ajax_full_status and ajax_dashboard_status URLs by applying custom code that sets a capability requirement or by disabling the plugin entirely until the fix is applied. ", "Continuously monitor the plugin\u2019s change log and the vendor\u2019s security advisories for future patches and verify that the capability checks are enforced in any re\u2011implementation."], "summary": {"action": "Apply Patch", "impact": "Unauthorized access to plugin status data"}, "threat_synthesis": {"affected_systems": "The defect impacts the WordPress plugin Broken Link Checker produced by wpmudev. All releases up to and including version 2.4.4 are affected, regardless of other plugins or WordPress core versions, as long as the plugin is installed on a site where users can authenticate at a Subscriber level or above.", "description_and_impact": "The vulnerability is a missing capability check in the ajax_full_status and ajax_dashboard_status functions of the Broken Link Checker WordPress plugin. It allows any authenticated user with a Subscriber role or higher to call these AJAX endpoints and view the plugin\u2019s status information that should be restricted to administrators. The flaw falls under CWE\u2011862 and results in an information disclosure, as attackers learn details about the site\u2019s broken links and overall health, potentially aiding further attacks.", "risk_and_exploitability": "The CVSS score of 4.3 reflects a moderate severity, and the EPSS score of less than 1% indicates that exploitation is currently unlikely. The plugin is not listed in the CISA KEV catalog, which reduces the visibility of existing exploitation. Exploitation requires an authenticated user with at least Subscriber rights to trigger the vulnerable AJAX calls. While it does not allow privilege escalation or code execution, the attacker gains visibility into internal site diagnostics, which may be used to plan subsequent targeting efforts."}}}}, "created": "2025-06-24T09:44:17.317363+00:00", "updated": "2026-04-21T20:45:25.971630+00:00", "vendors": ["wpmudev", "wpmudev$PRODUCT$broken_link_checker"]}