📦 Nextmove

This CVE describes a Missing Authorization vulnerability in the NextMove Lite WordPress plugin that allows authenticated users with subscriber-level permissions to install and activate arbitrary plugi...

This stored XSS vulnerability in NextMove Lite WordPress plugin allows attackers to inject malicious scripts into thank-you pages, which execute when users view those pages. WordPress sites using Next...

This reflected cross-site scripting (XSS) vulnerability in the NextMove Lite WordPress plugin allows attackers to inject malicious scripts into thank-you pages. Attackers can steal user session cookie...