Nicepage allows exporting projects from a desktop app. If the desktop application is compromised or the "include blog posts" feature behaves unexpectedly, it could introduce invalid HTML/JavaScript into the production website. 4. Vulnerable Third-Party Integrations
The theoretical vulnerabilities have already resulted in real-world damage. On the WordPress plugin repository, a user recently issued an urgent warning: "Do NOT use this plugin. I installed it on two different websites, and both were completely hacked. The content was changed, and spam pages (like fake product listings) started appearing in Google". Another user reported that a "malware scanner reported multiple exploits" in the cache path, which prevented them from logging into their admin area due to a "522 error". nicepage website builder exploit
Pay attention to the Nicepage Forum and official support channels for news regarding security patches. Nicepage allows exporting projects from a desktop app