10 matches found
CVE-2026-24599
Authorization Bypass Through User-Controlled Key vulnerability in XLPlugins NextMove Lite woo-thank-you-page-nextmove-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NextMove Lite: from n/a through = 2.23.0...
EUVD-2025-35976
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in XLPlugins NextMove Lite woo-thank-you-page-nextmove-lite allows Stored XSS.This issue affects NextMove Lite: from n/a through = 2.21.0...
CVE-2025-52735
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in XLPlugins NextMove Lite woo-thank-you-page-nextmove-lite allows Reflected XSS.This issue affects NextMove Lite: from n/a through = 2.24.0...
PT-2025-43227
Name of the Vulnerable Software and Affected Versions XLPlugins NextMove Lite versions through 2.21.0 Description The software contains a flaw related to improper input handling during web page generation, which allows for Reflected Cross-site Scripting XSS. This issue is present in the...
CVE-2024-25092
Missing Authorization vulnerability in XLPlugins NextMove Lite.This issue affects NextMove Lite: from n/a through 2.17.0...
CVE-2024-25092
Missing Authorization vulnerability in XLPlugins NextMove Lite.This issue affects NextMove Lite: from n/a through 2.17.0...
CVE-2024-32104
Cross-Site Request Forgery CSRF vulnerability in XLPlugins NextMove Lite.This issue affects NextMove Lite: from n/a through 2.18.1...
CVE-2024-32104
Cross-Site Request Forgery CSRF vulnerability in XLPlugins NextMove Lite.This issue affects NextMove Lite: from n/a through 2.18.1...
CVE-2024-32104 WordPress NextMove Lite plugin <= 2.18.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in XLPlugins NextMove Lite.This issue affects NextMove Lite: from n/a through 2.18.1...
CVE-2024-32104
CVE-2024-32104 is a CSRF vulnerability affecting XLPlugins NextMove Lite (NextMove Lite: n/a through 2.18.1). The embedded CVSS details show the attack vector as Network, no confidentiality impact, low integrity impact, and no availability impact, with user interaction required and no privileges ...