cleantalk
Vulnerabilities and Security Researches

NitroPack – Cache & Speed Optimization for Core Web Vitals, Defer CSS & JavaScript, Lazy load Images, CVE-2024-43922

CVE, Research URL

CVE-2024-43922

Home page URL

Security reports for NitroPack – Cache & Speed Optimization for Core Web Vitals, Defer CSS & JavaScript, Lazy load Images

Application

NitroPack – Cache & Speed Optimization for Core Web Vitals, Defer CSS & JavaScript, Lazy load Images

Published on
Aug 29, 2024
Research Description
Improper Control of Generation of Code ('Code Injection') vulnerability in NitroPack Inc. NitroPack allows Code Injection.This issue affects NitroPack: from n/a through 1.16.7.
Affected versions
max 1.16.8.
Status
vulnerable
Previous vulnerability researches
NitroPack – Cache & Speed Optimization for Core Web Vitals, Defer CSS & JavaScript, Lazy load Images (CVE-2024-43922) , Aug 29, 2024
NitroPack – Cache & Speed Optimization for Core Web Vitals, Defer CSS & JavaScript, Lazy load Images (CVE-2026-39669) , Apr 13, 2026
NitroPack – Cache & Speed Optimization for Core Web Vitals, Defer CSS & JavaScript, Lazy load Images (CVE-2024-11848) , Jan 15, 2025
NitroPack – Cache & Speed Optimization for Core Web Vitals, Defer CSS & JavaScript, Lazy load Images (CVE-2024-11851) , Jan 15, 2025
NitroPack – Cache & Speed Optimization for Core Web Vitals, Defer CSS & JavaScript, Lazy load Images (CVE-2023-52121) , Jun 07, 2024
New vulnerability
Custom Blocks Constructor – Lazy Blocks (CVE-2025-58258) , Apr 24, 2026
MasterStudy LMS WordPress Plugin – for Online Courses and Education (CVE-2025-59576) , Apr 24, 2026
MasterStudy LMS WordPress Plugin – for Online Courses and Education (CVE-2025-59577) , Apr 24, 2026
Coil Web Monetization (CVE-2025-9625) , Apr 24, 2026
Quran Live Multilanguage (CVE-2026-4074) , Apr 24, 2026