SQL Injection Vulnerability in AIOSEO Plugin's Broken Link Checker
CVE-2025-67962

Currently unrated

Key Information:

Vendor

WordPress
Status
Broken Link Checker
Vendor
CVE Published:
16 December 2025

What is CVE-2025-67962?

A vulnerability exists in the AIOSEO Plugin's Broken Link Checker that permits attackers to exploit SQL injection. This flaw arises from the improper neutralization of special elements utilized in SQL commands, which could lead to unauthorized access to the database. The affected versions, up to and including 1.2.6, allow an unauthorized entity to manipulate SQL queries, potentially compromising sensitive data. It is critical for users of the Broken Link Checker to apply necessary security patches and upgrades to mitigate risk.

Affected Version(s)

Broken Link Checker <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Plugin/brok...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

mcdruid | Patchstack Bug Bounty Program
JSON
.
CVE-2025-67962 : SQL Injection Vulnerability in AIOSEO Plugin's Broken Link Checker