Browse all 4 CVE security advisories affecting niteo. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Niteo develops web-based collaboration and document management software primarily used for team productivity and content sharing. Historically, their products have been vulnerable to multiple remote code execution flaws, cross-site scripting vulnerabilities, and privilege escalation issues, as evidenced by their four recorded CVEs. These vulnerabilities often stemmed from improper input validation and insufficient access controls in their web interfaces. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities in their software suggests a need for strengthened security development practices, particularly in handling user inputs and implementing robust permission mechanisms.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-6518 | CMP – Coming Soon & Maintenance Plugin by NiteoThemes <= 4.1.16 - Missing Authorization to Authenticated (Administrator+) Arbitrary File Upload and Remote Code Execution — CMP – Coming Soon & Maintenance Plugin by NiteoThemesCWE-434 | 8.8 | High | 2026-04-18 |
| CVE-2023-2159 | CMP – Coming Soon & Maintenance <= 4.1.7 - Maintenance Mode Bypass — CMP – Coming Soon & Maintenance Plugin by NiteoThemesCWE-284 | 5.3 | Medium | 2023-06-09 |
| CVE-2020-36730 | CMP <= 3.8.1 - Missing Authorization — CMP – Coming Soon & Maintenance Plugin by NiteoThemesCWE-862 | 8.3 | High | 2023-06-07 |
| CVE-2023-1263 | CMP – Coming Soon & Maintenance Plugin by NiteoThemes <= 4.1.6 - Information Exposure — CMP – Coming Soon & Maintenance Plugin by NiteoThemesCWE-200 | 5.3 | Medium | 2023-03-07 |
This page lists every published CVE security advisory associated with niteo. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.