cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches forheadline-analyzer headline-analyzer

Direction: descending
Nov 11, 2025

Headline Analyzer # CVE-2025-62974

CVE, Research URL

CVE-2025-62974

Home page URL

Security reports for Headline Analyzer

Application

Headline Analyzer

Date
Oct 27, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CoSchedule Headline Analyzer headline-analyzer allows Stored XSS.This issue affects Headline Analyzer: from n/a through <= 1.3.7.
Affected versions
max 1.3.7.
Status
vulnerable
Jun 10, 2024

Headline Analyzer # CVE-2023-46195

CVE, Research URL

CVE-2023-46195

Home page URL

Security reports for Headline Analyzer

Application

Headline Analyzer

Date
Jan 02, 2025
Research Description
Missing Authorization vulnerability in CoSchedule Headline Analyzer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Headline Analyzer: from n/a through 1.3.1.
Affected versions
max 1.3.2.
Status
vulnerable
Jun 07, 2024

Headline Analyzer # CVE-2024-32806

CVE, Research URL

CVE-2024-32806

Home page URL

Security reports for Headline Analyzer

Application

Headline Analyzer

Date
Apr 24, 2024
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in CoSchedule Headline Analyzer.This issue affects Headline Analyzer: from n/a through 1.3.3.
Affected versions
max 1.3.4.
Status
vulnerable

Headline Analyzer # 1a06b2d9fafa72a3ffd3da92198a28b07fd3b87d

CVE, Research URL

1a06b2d9fafa72a3ffd3da92198a28b07fd3b87d

Home page URL

Security reports for Headline Analyzer

Application

Headline Analyzer

Date
Oct 18, 2023
Research Description
Headline Analyzer [headline-analyzer] < 1.3.2 WordPress Headline Analyzer Plugin <= 1.3.1 is vulnerable to Broken Access Control No patched version is available. Mika discovered and reported this Broken Access Control vulnerability in WordPress Headline Analyzer Plugin. A broken access control issue refers to a missing authorization, authentication or nonce token check in a function that could lead to an unprivileged user to executing a certain higher privileged action. This vulnerability has not been known to be fixed yet.
Affected versions
max 1.3.2.
Status
vulnerable