CVE-2025-6851

7.2 HIGH

📋 TL;DR

The Broken Link Notifier WordPress plugin contains a Server-Side Request Forgery (SSRF) vulnerability that allows unauthenticated attackers to make arbitrary web requests from the vulnerable server. This can be used to query internal services, potentially exposing sensitive information or enabling further attacks. All WordPress sites running version 1.3.0 or earlier of this plugin are affected.

💻 Affected Systems

Products:
  • WordPress Broken Link Notifier plugin
Versions: All versions up to and including 1.3.0
Operating Systems: All operating systems running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in default plugin configuration. Requires WordPress installation with plugin activated.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could access internal services, steal sensitive data, pivot to internal networks, or perform port scanning of internal infrastructure.

🟠 Likely Case

Information disclosure from internal services, reconnaissance of internal network structure, or abuse of the server as a proxy for malicious requests.

🟢 If Mitigated

Limited to information gathering about internal services if proper network segmentation and egress filtering are in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SSRF vulnerabilities are commonly exploited. The unauthenticated nature makes this particularly dangerous.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: any version after 1.3.0

Vendor Advisory: https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3323864%40broken-link-notifier&new=3323864%40broken-link-notifier&sfp_email=&sfph_mail=

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find Broken Link Notifier.
4. Click 'Update Now' if available.
5. If no update is available, deactivate and delete the plugin.

🔧 Temporary Workarounds

Deactivate Plugin (applies to: all)

Temporarily disable the vulnerable plugin until it is patched:

wp plugin deactivate broken-link-notifier

Restrict Network Access (applies to: all)

Implement egress filtering to limit outbound requests from the web server.

🧯 If You Can't Patch

  • Deactivate and remove the Broken Link Notifier plugin immediately
  • Implement web application firewall rules to block requests to the vulnerable ajax_blinks() endpoint

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel → Plugins → Broken Link Notifier version. If version is 1.3.0 or earlier, you are vulnerable.

Check Version:

wp plugin list --name=broken-link-notifier --field=version

Verify Fix Applied:

Verify plugin version is greater than 1.3.0. Test the ajax_blinks() endpoint with SSRF payloads to confirm they are blocked.

📡 Detection & Monitoring

Log Indicators:

  • Unusual outbound HTTP requests from web server to internal IPs
  • Requests to /wp-admin/admin-ajax.php with action=blinks parameter
  • Multiple failed requests to internal services

Network Indicators:

  • Web server making requests to internal IP ranges (10.x.x.x, 172.16.x.x, 192.168.x.x)
  • Unusual traffic patterns from web server to non-standard ports

SIEM Query:

source="web_server_logs" AND (uri="/wp-admin/admin-ajax.php" AND parameters CONTAINS "action=blinks")
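As an added example (not part of this advisory or the plugin's code), the two log indicators above turned into checks a defender can run over access and egress logs: requests that reach admin-ajax.php with action=blinks, counted per client so bursts stand out from normal plugin use, and web-server connections into private address space. The log formats, hostnames and addresses are constructed, and the address check uses Python's ipaddress module, which covers more than the three ranges listed above (loopback and link-local included).

```python
import ipaddress
import re
from collections import Counter
from urllib.parse import parse_qs, urlsplit

# Combined/common access-log format: client ident user [time] "METHOD target HTTP/x" ...
ACCESS_RE = re.compile(r'^(?P<client>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/')

def is_blinks_request(line):
    """True if the request targets admin-ajax.php with action=blinks (the plugin's AJAX action)."""
    m = ACCESS_RE.match(line)
    if not m:
        return False
    url = urlsplit(m.group("target"))
    if not url.path.endswith("/wp-admin/admin-ajax.php"):
        return False
    # A POST may carry 'action' in the body, which access logs do not record;
    # the egress check below covers that gap.
    return parse_qs(url.query).get("action") == ["blinks"]

def blinks_hits_by_client(lines):
    """Count matching requests per client so bursts stand out from normal plugin use."""
    hits = Counter()
    for line in lines:
        if is_blinks_request(line):
            hits[ACCESS_RE.match(line).group("client")] += 1
    return hits

def private_egress(lines):
    """Constructed egress format '<ts> <src_host> <dst_ip> <dst_port>'; return internal destinations."""
    flagged = []
    for line in lines:
        _ts, src, dst, port = line.split()
        # is_private covers RFC 1918, loopback and link-local, broader than the list above
        if ipaddress.ip_address(dst).is_private:
            flagged.append((src, dst, int(port)))
    return flagged

ACCESS_LOG = [  # constructed sample lines, not real traffic
    '203.0.113.7 - - [01/Jul/2025:12:00:01 +0000] "GET /wp-admin/admin-ajax.php?action=blinks HTTP/1.1" 200 512 "-" "curl/8.0"',
    '203.0.113.7 - - [01/Jul/2025:12:00:02 +0000] "POST /wp-admin/admin-ajax.php?action=blinks HTTP/1.1" 200 480 "-" "curl/8.0"',
    '198.51.100.2 - - [01/Jul/2025:12:00:03 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 100 "-" "Mozilla/5.0"',
]
EGRESS_LOG = [  # constructed: web server -> destination, one connection per line
    "2025-07-01T12:00:01Z web01 10.0.0.5 8080",
    "2025-07-01T12:00:02Z web01 127.0.0.1 80",
    "2025-07-01T12:00:05Z web01 93.184.216.34 443",
]
if __name__ == "__main__":
    print(blinks_hits_by_client(ACCESS_LOG), private_egress(EGRESS_LOG))
```

Hits on the action alone are expected from legitimate plugin use; correlate a burst from one client with egress to internal addresses in the same window before treating it as exploitation.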
