Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

NitroPack — Vulnerabilities & Security Advisories 4

Browse all 4 CVE security advisories affecting NitroPack. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Nitropack is a website performance optimization platform that caches and delivers content to improve loading speeds. Historically, it has been associated with cross-site scripting (XSS) vulnerabilities, which could allow attackers to inject malicious scripts into web pages. Other reported issues include remote code execution flaws and privilege escalation weaknesses, particularly in older versions. While no major public security incidents have been widely documented, the four CVEs on record highlight potential risks in its caching mechanisms and configuration handling. Organizations should ensure proper input validation and access controls when implementing Nitropack to mitigate these security concerns.

Top products by NitroPack: NitroPack – Performance, Page Speed & Cache Plugin for Core Web Vitals, CDN & Image Optimization NitroPack
CVE IDTitleCVSSSeverityPublished
CVE-2026-39669 WordPress NitroPack plugin <= 1.19.3 - Broken Access Control vulnerability — NitroPackCWE-862 5.3 Medium2026-04-08
CVE-2025-8778 NitroPack <= 1.18.4 - Missing Authorization to Authenticated (Subscriber+) Limited Settings Update via nitropack_set_compression_ajax Function — NitroPack – Performance, Page Speed & Cache Plugin for Core Web Vitals, CDN & Image OptimizationCWE-862 4.3 Medium2025-09-10
CVE-2024-11851 NitroPack <= 1.17.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Transient Update — NitroPack – Performance, Page Speed & Cache Plugin for Core Web Vitals, CDN & Image OptimizationCWE-862 4.3 Medium2025-01-15
CVE-2024-11848 NitroPack <= 1.17.0 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update — NitroPack – Performance, Page Speed & Cache Plugin for Core Web Vitals, CDN & Image OptimizationCWE-862 8.1 High2025-01-15

This page lists every published CVE security advisory associated with NitroPack. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.