{"uuid": "7a7fa022-c564-43c2-96b0-14ac8fb2d388", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25092", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/14593", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udcc5 Date: 2025-03-14 03:56:33\n\ud83d\udea8 Title: Alleged disclosure of WordPress NextMove Lite 2.17.0 Missing Authorization Vulnerability\n\ud83d\udee1\ufe0f Victim Country: \n\ud83c\udfed Victim Industry: \n\ud83c\udfe2 Victim Organization: \n\ud83c\udf10 Victim Site: \n\ud83d\udcdc Category: Vulnerability\n\ud83d\udd75\ufe0f\u200d\u2642\ufe0f Threat Actor: Nxploited\n\ud83c\udf0d Network: openweb\n\ud83d\udd17 Claim: https://0day.today/exploit/description/39942\n\ud83d\udcdd Description: The threat actor claims to have disclosed an exploit for WordPress NextMove Lite 2.17.0, which suffers from a missing authorization vulnerability. This flaw could allow unauthorized users to access or modify restricted resources, posing a medium security risk to PHP-based web applications. The vulnerability is tracked as CVE-2024-25092.\n\n\u26a0\ufe0f Stay ahead of cyber threats! Subscribe to the Paid Threat Feed at https://t.me/DarkWebInformer_Bot for real-time updates (Website excluded). Want to pay via crypto? Visit https://darkwebinformer.com/crypto-payments.", "creation_timestamp": "2025-03-14T04:56:36.000000Z"}