cleantalk
Vulnerabilities and Security Researches

Textmetrics, CVE-2025-46229

CVE, Research URL

CVE-2025-46229

Home page URL

Security reports for Textmetrics

Application

Textmetrics

Published on
Apr 22, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Israpil Textmetrics allows Stored XSS. This issue affects Textmetrics: from n/a through 3.6.2.
Affected versions
Min -, max 3.6.3.
Status
vulnerable
Previous vulnerability researches
Hitsteps Web Analytics (CVE-2023-45268) , Jun 06, 2024
Hitsteps Web Analytics (CVE-2023-45057) , Jun 06, 2024
New vulnerability
Anything Popup (CVE-2025-39397) , Apr 24, 2025
Simple Download Counter (CVE-2025-46240) , Apr 24, 2025
Textmetrics (CVE-2025-46229) , Apr 24, 2025
World first Lifetime free Form Builder for WordPress (CVE-2025-46250) , Apr 24, 2025
Watu Quiz (CVE-2025-46242) , Apr 24, 2025