PT-2024-20740 · Xlplugins · Xlplugins Nextmove Lite

Yudistira Arya

Published

2024-06-09

Updated

2025-03-14

CVE-2024-25092

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions XLPlugins NextMove Lite versions 2.17.0 and earlier

Description The issue is a Missing Authorization vulnerability in XLPlugins NextMove Lite. This vulnerability allows unauthorized access due to the lack of proper authorization checks.

Recommendations For XLPlugins NextMove Lite versions 2.17.0 and earlier, update to a version later than 2.17.0 to resolve the Missing Authorization vulnerability. At the moment, there is no information about additional mitigation measures for this vulnerability.

Fix

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862

Related Identifiers

CVE-2024-25092

Affected Products

Xlplugins Nextmove Lite

PT-2024-20740 · Xlplugins · Xlplugins Nextmove Lite

CVE-2024-25092

Weakness Enumeration

Related Identifiers

Affected Products

References · 11