CVE-2025-39440

Cross-Site Request Forgery (CSRF) vulnerability in Rajesh Broken Links Remover allows Stored XSS. This issue affects Broken Links Remover: from n/a through 1.2.2.

More information : https://patchstack.com/database/wordpress/plugin/broken-links-remover/vulnerability/wordpress-broken-links-remover-plugin-1-2-2-csrf-to-stored-xss-vulnerability?_s_id=cve