CVE-2026-39669
- EPSS 0.02%
- Veröffentlicht 08.04.2026 08:30:38
- Zuletzt bearbeitet 13.04.2026 19:16:48
Missing Authorization vulnerability in NitroPack NitroPack nitropack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NitroPack: from n/a through <= 1.19.3.
CVE-2025-8778
- EPSS 0.05%
- Veröffentlicht 10.09.2025 06:38:47
- Zuletzt bearbeitet 15.04.2026 00:35:42
The NitroPack plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the nitropack_set_compression_ajax() function in all versions up to, and including, 1.18.4. This makes it possible for authenti...
CVE-2024-11848
- EPSS 5.59%
- Veröffentlicht 15.01.2025 12:15:25
- Zuletzt bearbeitet 15.04.2026 00:35:42
The NitroPack plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'nitropack_dismiss_notice_forever' AJAX action in all versions up to, and including, 1.17.0. This makes it possible for aut...
CVE-2024-11851
- EPSS 0.19%
- Veröffentlicht 15.01.2025 12:15:25
- Zuletzt bearbeitet 15.04.2026 00:35:42
The NitroPack plugin for WordPress is vulnerable to unauthorized arbitrary transient update due to a missing capability check on the nitropack_rml_notification function in all versions up to, and including, 1.17.0. This makes it possible for authenti...
CVE-2024-43922
- EPSS 0.65%
- Veröffentlicht 29.08.2024 15:15:29
- Zuletzt bearbeitet 19.09.2024 21:44:49
Improper Control of Generation of Code ('Code Injection') vulnerability in NitroPack Inc. NitroPack allows Code Injection.This issue affects NitroPack: from n/a through 1.16.7.
CVE-2023-52121
- EPSS 0.05%
- Veröffentlicht 05.01.2024 10:15:13
- Zuletzt bearbeitet 21.11.2024 08:39:13
Cross-Site Request Forgery (CSRF) vulnerability in NitroPack Inc. NitroPack – Cache & Speed Optimization for Core Web Vitals, Defer CSS & JavaScript, Lazy load Images.This issue affects NitroPack – Cache & Speed Optimization for Core Web Vitals, Defe...