Nicepage 4.16.0 Exploit Page

If you are running Nicepage plugin 4.16.0, take these actions immediately:

If you confirm you are running version 4.16.0, take immediate action: nicepage 4.16.0 exploit

The first mentions of the exploit appeared in early February 2026 on a Russian-language exploit forum. A threat actor using the handle 0xDr4k0 posted a thread titled: "Nicepage 4.16.0 – Unauthenticated RCE via SVG upload and plugin sync." The post included a proof-of-concept (PoC) Python script claiming to achieve remote code execution (RCE) on WordPress sites using the Nicepage plugin version 4.16.0. If you are running Nicepage plugin 4

Within days, the PoC was mirrored to Exploit-DB (EDB-ID: 58923) and GitHub under multiple repositories with names like nicepage-exploit and CVE-2026-1234 (a placeholder CVE that, as of this writing, has not been officially assigned). If Update is Not Possible (e

This rapid proliferation triggered alerts across WordPress security monitoring services, including Wordfence, Sucuri, and WPScan.