Browse all 4 CVE security advisories affecting NitroPack. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Nitropack is a website performance optimization platform that caches and delivers content to improve loading speeds. Historically, it has been associated with cross-site scripting (XSS) vulnerabilities, which could allow attackers to inject malicious scripts into web pages. Other reported issues include remote code execution flaws and privilege escalation weaknesses, particularly in older versions. While no major public security incidents have been widely documented, the four CVEs on record highlight potential risks in its caching mechanisms and configuration handling. Organizations should ensure proper input validation and access controls when implementing Nitropack to mitigate these security concerns.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-39669 | WordPress NitroPack plugin <= 1.19.3 - Broken Access Control vulnerability — NitroPackCWE-862 | 5.3 | Medium | 2026-04-08 |
This page lists every published CVE security advisory associated with NitroPack. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.