Subject: Persistent XSS in Broken Link manager Ver 0.5.5
Date: Thu, 16 Jul 2015 10:13:59 +0200
Hello,
Plugin: Broken Link manager Ver 0.5.5
https://wordpress.org/plugins/broken-link-manager/
Unauthenticated attackers can inject malicious HTML/JavaScript. The Referer and User-Agent headers are not sanitized when displayed in the log (http://localhost/wp-admin/admin.php?page=wblm-log), which leads to a persistent XSS vulnerability.
1. XSS (_custom_redirect())
URL: any non-existent URL (one that produces a 404)
Function: _custom_redirect
Vulnerable header parameters: Referer, User-Agent
Verification:
curl -A "<script>alert(1);</script>" -e "<script>alert(2);</script>" http://localhost/index.php/some/url/that/does/not/exist
And visit
http://localhost/wp-admin/admin.php?page=wblm-log
--
Regards
Marcin Probola,
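
Added example (not part of the original advisory and not the plugin's code): a check a site operator can run over web server access logs to find 404 requests whose Referer or User-Agent carries markup, plus the output escaping that a log view needs before printing such values. It assumes the server writes the Apache/nginx "combined" log format; the function names and the sample log lines are constructed for illustration.

```python
import html
import re

# "combined" format: ip - user [time] "request" status bytes "referer" "user-agent"
# Quoted fields may contain backslash-escaped characters (Apache writes \" for a quote).
COMBINED = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<request>(?:[^"\\]|\\.)*)" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>(?:[^"\\]|\\.)*)" "(?P<agent>(?:[^"\\]|\\.)*)"$'
)
# Assumption: genuine Referer URLs and User-Agent strings never contain raw angle brackets.
MARKUP = re.compile(r"[<>]")

# Constructed sample input: one request shaped like the advisory's curl check, one benign.
SAMPLE_LOG = [
    '203.0.113.7 - - [16/Jul/2015:10:02:11 +0200] "GET /index.php/some/url/that/does/not/exist'
    ' HTTP/1.1" 404 512 "<script>alert(2);</script>" "<script>alert(1);</script>"',
    '198.51.100.4 - - [16/Jul/2015:10:03:40 +0200] "GET /old-page HTTP/1.1" 404 498'
    ' "http://example.com/links.html" "Mozilla/5.0 (X11; Linux x86_64)"',
]

def suspicious_requests(lines):
    """Return (ip, request, field, value) for each logged header that contains markup."""
    hits = []
    for line in lines:
        m = COMBINED.match(line.strip())
        if not m:
            continue  # not a combined-format line; skip instead of guessing
        for field in ("referer", "agent"):
            value = m.group(field)
            if MARKUP.search(value):
                hits.append((m.group("ip"), m.group("request"), field, value))
    return hits

def render_cell(value):
    """Escape a stored header value at output time so it is shown as text, not parsed."""
    return "<td>" + html.escape(value, quote=True) + "</td>"

if __name__ == "__main__":
    for ip, request, field, value in suspicious_requests(SAMPLE_LOG):
        print(f"{ip} {field}: {value!r} ({request})")
    print(render_cell("<script>alert(1);</script>"))
```

In WordPress code the matching output-escaping helper is esc_html(), applied where the stored Referer and User-Agent values are printed.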