Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Patchstack
Patchstackadded 2026/05/06 11:1 p.m.6 views

NPM: Nitro has a proxy scope bypass via percent-encoded path traversal in `routeRules`

NPM: Nitro has a proxy scope bypass via percent-encoded path traversal in routeRules vulnerability discovered by ? in WordPress Npm nitropack versions 2.13.4...

5.3CVSS5.8AI score0.00043EPSS
Exploits0References7Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/08 8:30 a.m.2 views

CVE-2026-39669 WordPress NitroPack plugin <= 1.19.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in NitroPack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NitroPack: from n/a through 1.19.3...

5.3CVSS5.8AI score0.0004EPSS
Exploits0References1
CNVD
CNVDadded 2025/09/12 12:0 a.m.2 views

WordPress NitroPack plugin unauthorized modification vulnerability

WordPress NitroPack plugin is a speed optimization plugin that is mainly used to improve the loading speed of your website. WordPress NitroPack plugin has an unauthorized modification vulnerability that stems from a lack of capability check in the function nitropacksetcompressionajax, which can b...

4.3CVSS6.7AI score0.00063EPSS
Exploits0References1
Patchstack
Patchstackadded 2024/08/26 12:0 a.m.7 views

WordPress NitroPack Plugin <= 1.16.7 is vulnerable to Broken Access Control

Software NitroPack Type Plugin Vulnerable versions = 1.16.7 Fixed in 1.16.8 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43922 Patch priority Low CVSS severity Low 4.8 Developer Claim ownership PSID 68fa122dccba Credits Rafie Muhammad Patchstack Require...

9.8CVSS6.6AI score0.00648EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2024/01/05 9:22 a.m.5 views

CVE-2023-52121 WordPress NitroPack Plugin <= 1.10.2 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in NitroPack Inc. NitroPack – Cache & Speed Optimization for Core Web Vitals, Defer CSS & JavaScript, Lazy load Images.This issue affects NitroPack – Cache & Speed Optimization for Core Web Vitals, Defer CSS & JavaScript, Lazy load Images: from n/a...

5.4CVSS7AI score0.00051EPSS
Exploits0References1
Patchstack
Patchstackadded 2023/12/28 12:0 a.m.9 views

WordPress NitroPack Plugin <= 1.10.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software NitroPack Type Plugin Vulnerable versions = 1.10.2 Fixed in 1.10.3 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-52121 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 2445c6fc9646 Credits Brandon Roldan Required...

8.8CVSS6.6AI score0.00051EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder