cleantalk
Vulnerabilities and Security Researches

Headline Analyzer, 1a06b2d9fafa72a3ffd3da92198a28b07fd3b87d

CVE, Research URL

1a06b2d9fafa72a3ffd3da92198a28b07fd3b87d

Home page URL

Security reports for Headline Analyzer

Application

Headline Analyzer

Published on
Oct 18, 2023
Research Description
Headline Analyzer [headline-analyzer] < 1.3.2 WordPress Headline Analyzer Plugin <= 1.3.1 is vulnerable to Broken Access Control No patched version is available. Mika discovered and reported this Broken Access Control vulnerability in WordPress Headline Analyzer Plugin. A broken access control issue refers to a missing authorization, authentication or nonce token check in a function that could lead to an unprivileged user to executing a certain higher privileged action. This vulnerability has not been known to be fixed yet.
Affected versions
max 1.3.2.
Status
vulnerable
Previous vulnerability researches
Headline Analyzer (CVE-2024-32806) , Jun 07, 2024
Headline Analyzer (1a06b2d9fafa72a3ffd3da92198a28b07fd3b87d) , Jun 07, 2024
Headline Analyzer (CVE-2023-46195) , Jun 10, 2024
Headline Analyzer (CVE-2025-62974) , Nov 11, 2025
New vulnerability
JB News Ticker (CVE-2025-11804) , Nov 11, 2025
My auctions allegro (CVE-2025-10048) , Nov 11, 2025
Sertifier Certificates &amp; Open Badges &#8211; Tutor LMS (CVE-2025-53214) , Nov 11, 2025
Toast Mobile Menu &#8211; PageSpeed Insights Friendly (CVE-2025-53238) , Nov 11, 2025
Stripe Payment forms for WordPress Plugin – WP Full Pay (CVE-2025-9322) , Nov 11, 2025