{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-68048", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2025-12-15T10:01:07.754Z", "datePublished": "2026-02-20T15:46:37.159Z", "dateUpdated": "2026-04-28T19:57:08.170Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "woo-thank-you-page-nextmove-lite", "product": "NextMove Lite", "vendor": "XLPlugins", "versions": [{"changes": [{"at": "2.24.0", "status": "unaffected"}], "lessThanOrEqual": "2.23.0", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "NumeX | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-01T16:02:47.145Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Missing Authorization vulnerability in XLPlugins NextMove Lite woo-thank-you-page-nextmove-lite allows Exploiting Incorrectly Configured Access Control Security Levels.<p>This issue affects NextMove Lite: from n/a through <= 2.23.0.</p>"}], "value": "Missing Authorization vulnerability in XLPlugins NextMove Lite woo-thank-you-page-nextmove-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NextMove Lite: from n/a through <= 2.23.0."}], "impacts": [{"capecId": "CAPEC-180", "descriptions": [{"lang": "en", "value": "Exploiting Incorrectly Configured Access Control Security Levels"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-862", "description": "Missing Authorization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:14:27.537Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/woo-thank-you-page-nextmove-lite/vulnerability/wordpress-nextmove-lite-plugin-2-22-0-broken-access-control-vulnerability?_s_id=cve"}], "title": "WordPress NextMove Lite plugin <= 2.23.0 - Broken Access Control vulnerability"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-25T19:00:22.136089Z", "id": "CVE-2025-68048", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-28T19:57:08.170Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-68048", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-25T19:00:22.136089Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-25T18:59:10.500Z"}}], "cna": {"title": "WordPress NextMove Lite plugin <= 2.23.0 - Broken Access Control vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "NumeX | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-180", "descriptions": [{"lang": "en", "value": "Exploiting Incorrectly Configured Access Control Security Levels"}]}], "affected": [{"vendor": "XLPlugins", "product": "NextMove Lite", "versions": [{"status": "affected", "version": "n/a", "versionType": "custom", "lessThanOrEqual": "<= 2.23.0"}], "packageName": "woo-thank-you-page-nextmove-lite", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "datePublic": "2026-02-20T16:43:57.171Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/woo-thank-you-page-nextmove-lite/vulnerability/wordpress-nextmove-lite-plugin-2-22-0-broken-access-control-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Missing Authorization vulnerability in XLPlugins NextMove Lite woo-thank-you-page-nextmove-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NextMove Lite: from n/a through <= 2.23.0.", "supportingMedia": [{"type": "text/html", "value": "Missing Authorization vulnerability in XLPlugins NextMove Lite woo-thank-you-page-nextmove-lite allows Exploiting Incorrectly Configured Access Control Security Levels.<p>This issue affects NextMove Lite: from n/a through <= 2.23.0.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "Missing Authorization"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-02-20T15:46:37.159Z"}}}, "cveMetadata": {"cveId": "CVE-2025-68048", "state": "PUBLISHED", "dateUpdated": "2026-02-25T19:00:40.457Z", "dateReserved": "2025-12-15T10:01:07.754Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-02-20T15:46:37.159Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Missing Authorization vulnerability in XLPlugins NextMove Lite woo-thank-you-page-nextmove-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NextMove Lite: from n/a through <= 2.23.0."}, {"lang": "es", "value": "Vulnerabilidad de autorizaci\u00f3n faltante en XLPlugins NextMove Lite woo-thank-you-page-nextmove-lite permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a NextMove Lite: desde n/a hasta &lt;= 2.23.0."}], "id": "CVE-2025-68048", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-02-20T16:22:08.750", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/woo-thank-you-page-nextmove-lite/vulnerability/wordpress-nextmove-lite-plugin-2-22-0-broken-access-control-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2.23.0]"}}], "enrichment": {"confidence": 88.0, "confidence_source": "matching", "scores": [{"score": 88.0, "source": "matching"}]}, "original": {"product": "NextMove Lite", "source": "cna", "vendor": "XLPlugins"}, "product": "nextmove", "vendor": "xlplugins"}], "analysis": {"en": {"generated_at": "2026-04-28T09:35:16.584732+00:00", "value": {"mitigation_remediation": ["Apply the latest update of NextMove Lite (version 2.24.0 or later) to remove the broken access control check.", "If an immediate update is not feasible, temporarily disable the plugin or delete it from the WordPress installation to prevent exploitation.", "Enforce strict WordPress role permissions so that only administrators can access the plugin\u2019s configuration and action endpoints.", "Audit the site for any credentials leaked via the plugin\u2019s exposed endpoints and replace them as necessary.", "Monitor WordPress logs for unexpected accesses to the plugin\u2019s URLs and block offenders if detected."], "summary": {"action": "Immediate Patch", "impact": "Unauthenticated privileged access via broken access control"}, "threat_synthesis": {"affected_systems": "The flaw is present in all releases of XLPlugins NextMove Lite up through version 2.23.0, including earlier snapshots. WordPress sites that have the NextMove Lite plugin installed within that version range are affected.", "description_and_impact": "The vulnerability is a missing authorization check in the NextMove Lite plugin, which permits users to invoke privileged functions without proper authentication. This can lead to unauthorized modifications or data exposure within the WordPress site. According to the CWE reference, it is a classic case of Broken Access Control (CWE-862). No denial\u2011of\u2011service effect is reported.", "risk_and_exploitability": "The CVSS score of 7.5 signals a high severity. The EPSS score of less than 1% indicates a low likelihood of widespread exploitation at present, and the vulnerability is not listed in the CISA KEV catalog. The most likely attack path, as suggested by the description, involves a web request to one of the plugin\u2019s endpoints that bypasses normal WordPress permission checks. It is inferred that the attacker may need some level of WordPress access to exploit the vulnerability, but the CVE description does not explicitly state the required privileges or exact attack vector."}}}}, "created": "2026-02-23T14:45:37.174524+00:00", "updated": "2026-04-28T09:45:28.448521+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress", "xlplugins", "xlplugins$PRODUCT$nextmove"]}