Nicepage 4.16.0 — Exploit

A: Yes, if the WordPress site is accessible over HTTP/HTTPS from the attacker’s network.

| Vector | Score | Severity | |--------|-------|-----------| | Unauthenticated SVG XSS | 6.1 (Medium) | Network low complexity, user interaction required | | CSRF Template Overwrite | 7.1 (High) | Confidentiality impact low, integrity high | | Auth'd Path Traversal | 7.5 (High) | High confidentiality impact | nicepage 4.16.0 exploit

files = 'svg_file': ('malicious.svg', payload_svg, 'image/svg+xml') data = 'action': 'nicepage_upload_svg' A: Yes, if the WordPress site is accessible

Within days, the PoC was mirrored to Exploit-DB (EDB-ID: 58923) and GitHub under multiple repositories with names like nicepage-exploit and CVE-2026-1234 (a placeholder CVE that, as of this writing, has not been officially assigned). as of this writing

8.2 (High) Proof-of-Concept (Educational Purpose Only) The following simplified Python snippet demonstrates the unauthenticated SVG upload (truncated for safety):