Missing Authorization Flaw in PluginRx's Broken Link Notifier for WordPress
CVE-2026-25408

Currently unrated

Key Information:

Vendor

WordPress
Status
Broken Link Notifier
Vendor
CVE Published:
19 February 2026

What is CVE-2026-25408?

A missing authorization vulnerability has been identified in PluginRx's Broken Link Notifier. This flaw allows attackers to exploit improperly configured access control settings, potentially leading to unauthorized actions on affected WordPress sites. The vulnerability impacts versions of the plugin from any version prior to or equal to 1.3.5, emphasizing the need for immediate attention and remediation to secure your WordPress installations.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Broken Link Notifier <= n/a

References

https://patchstack.com/database/Wordpress/Plugin/broken-l...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Nabil Irawan | Patchstack Bug Bounty Program
JSON
.