CVE-2025-8778
- EPSS 0.04%
- Veröffentlicht 10.09.2025 06:38:47
- Zuletzt bearbeitet 11.09.2025 17:14:10
The NitroPack plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the nitropack_set_compression_ajax() function in all versions up to, and including, 1.18.4. This makes it possible for authenti...
CVE-2024-11848
- EPSS 6.46%
- Veröffentlicht 15.01.2025 12:15:25
- Zuletzt bearbeitet 15.01.2025 12:15:25
The NitroPack plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'nitropack_dismiss_notice_forever' AJAX action in all versions up to, and including, 1.17.0. This makes it possible for aut...
CVE-2024-11851
- EPSS 0.24%
- Veröffentlicht 15.01.2025 12:15:25
- Zuletzt bearbeitet 15.01.2025 12:15:25
The NitroPack plugin for WordPress is vulnerable to unauthorized arbitrary transient update due to a missing capability check on the nitropack_rml_notification function in all versions up to, and including, 1.17.0. This makes it possible for authenti...
CVE-2024-43922
- EPSS 0.65%
- Veröffentlicht 29.08.2024 15:15:29
- Zuletzt bearbeitet 19.09.2024 21:44:49
Improper Control of Generation of Code ('Code Injection') vulnerability in NitroPack Inc. NitroPack allows Code Injection.This issue affects NitroPack: from n/a through 1.16.7.
CVE-2023-52121
- EPSS 0.05%
- Veröffentlicht 05.01.2024 10:15:13
- Zuletzt bearbeitet 21.11.2024 08:39:13
Cross-Site Request Forgery (CSRF) vulnerability in NitroPack Inc. NitroPack – Cache & Speed Optimization for Core Web Vitals, Defer CSS & JavaScript, Lazy load Images.This issue affects NitroPack – Cache & Speed Optimization for Core Web Vitals, Defe...