Every CVE whose affected-product data names Xlplugins Nextmove, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2024-25092 — CVSS 8.8 (high): Missing Authorization vulnerability in XLPlugins NextMove Lite.This issue affects NextMove Lite: from n/a through 2.17.0.
CVE-2025-52735 — CVSS 7.1 (high): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in XLPlugins NextMove Lite…
CVE-2025-62969 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in XLPlugins NextMove Lite…
CVE-2024-1120 — CVSS 5.3 (medium): The NextMove Lite – Thank You Page for WooCommerce and Finale Lite – Sales Countdown Timer & Discount for WooCommerce plugins for…
CVE-2024-10860 — CVSS 4.3 (medium): The NextMove Lite – Thank You Page for WooCommerce plugin for WordPress is vulnerable to unauthorized submission of data due to a missing…
CVE-2024-32104 — CVSS 4.3 (medium): Cross-Site Request Forgery (CSRF) vulnerability in XLPlugins NextMove Lite.This issue affects NextMove Lite: from n/a through 2.18.1.