While no major public CVE for Nicepage has been widely reported as of 2026, similar builders have seen:
In 2019, the community raised serious alarms regarding the underlying code. A user discovered that the exported sites contained , a library that was over six years old at the time. Google Chrome’s DevTool Audit flagged the library for "known security vulnerabilities". This specific version is vulnerable to multiple CVEs, notably CVE-2019-11358 (Prototype Pollution), which allows attackers to modify a web application's JavaScript objects, potentially leading to XSS or data manipulation. nicepage website builder exploit
Delete any .npj or .zip template files from /wp-content/uploads/ that are older than your last update. While no major public CVE for Nicepage has
To mitigate these risks, it's essential to: similar builders have seen: In 2019