cleantalk
Vulnerabilities and Security Researches

Textmetrics, CVE-2026-24564

CVE, Research URL

CVE-2026-24564

Home page URL

Security reports for Textmetrics

Application

Textmetrics

Published on
Jan 23, 2026
Research Description
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Israpil Textmetrics webtexttool allows Code Injection.This issue affects Textmetrics: from n/a through <= 3.6.3.
Affected versions
max 3.6.3.
Status
vulnerable
Previous vulnerability researches
Textmetrics (CVE-2025-46229) , Apr 24, 2025
Textmetrics (CVE-2025-30824) , Apr 02, 2025
Textmetrics (CVE-2026-24564) , Jan 28, 2026
Textmetrics (CVE-2026-32331) , Mar 30, 2026
New vulnerability
File Manager Pro &#8211; Filester , Mar 30, 2026
Simple Author Box , Mar 30, 2026
Customizable WordPress Gallery Plugin &#8211; Modula Image Gallery , Mar 30, 2026
Speed Optimizer &#8211; The All-In-One WordPress Performance-Boosting Plugin , Mar 30, 2026
Product Feed PRO for WooCommerce (CVE-2026-32443) , Mar 30, 2026