47 matches found
Why Image Format Conversion Is Becoming a Practical Issue in Web Security and Performance
WebP boosts performance raises compatibility issues, making image format conversion to PNG essential for secure, flexible, and efficient web workflows today...
WordPress TNC Toolbox: Web Performance plugin <= 2.0.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin TNC Toolbox: Web Performance versions = 2.0.4...
CVE-2025-66108
Missing Authorization vulnerability in Merlot Digital by TNC TNC Toolbox: Web Performance tnc-toolbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TNC Toolbox: Web Performance: from n/a through = 2.0.4...
EUVD-2025-198446
Missing Authorization vulnerability in Merlot Digital by TNC TNC Toolbox: Web Performance tnc-toolbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TNC Toolbox: Web Performance: from n/a through = 2.0.4...
CVE-2025-66108
Missing Authorization vulnerability in Merlot Digital by TNC TNC Toolbox: Web Performance tnc-toolbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TNC Toolbox: Web Performance: from n/a through = 2.0.4...
CVE-2025-66108 WordPress TNC Toolbox: Web Performance plugin <= 2.0.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in Merlot Digital by TNC TNC Toolbox: Web Performance tnc-toolbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TNC Toolbox: Web Performance: from n/a through = 2.0.4...
CVE-2025-66108
CVE-2025-66108 concerns the WordPress plugin Merlot Digital TNC Toolbox: Web Performance (versions
CVE-2025-66108 WordPress TNC Toolbox: Web Performance plugin <= 2.0.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in Merlot Digital by TNC TNC Toolbox: Web Performance tnc-toolbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TNC Toolbox: Web Performance: from n/a through = 2.0.4...
WordPress plugin TNC Toolbox: Web Performance 安全漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
PT-2025-47770
Missing Authorization vulnerability in Merlot Digital by TNC TNC Toolbox: Web Performance tnc-toolbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TNC Toolbox: Web Performance: from n/a through = 2.0.4...
Unspecified Vulnerability in WordPress Plugin TNC Toolbox Web Performance
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin TNC Toolbox Web Performance, which stem...
EUVD-2025-84363
The TNC Toolbox: Web Performance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.2. This is due to the plugin storing cPanel API credentials hostname, username, and API key in files within the web-accessible wp-content directory witho...
CVE-2025-12539 TNC Toolbox: Web Performance <= 1.4.2 - Unauthenticated Sensitive Information Exposure to Privilege Escalation/cPanel Account Takeover
The TNC Toolbox: Web Performance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.2. This is due to the plugin storing cPanel API credentials hostname, username, and API key in files within the web-accessible wp-content directory witho...
CVE-2025-12539 TNC Toolbox: Web Performance <= 1.4.2 - Unauthenticated Sensitive Information Exposure to Privilege Escalation/cPanel Account Takeover
The TNC Toolbox: Web Performance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.2. This is due to the plugin storing cPanel API credentials hostname, username, and API key in files within the web-accessible wp-content directory witho...
CVE-2025-12539
The CVE-2025-12539 entry concerns the WordPress plugin TNC Toolbox: Web Performance (versions up to 1.4.2). The vulnerability, described across multiple connected sources, is a Sensitive Information Exposure flaw caused by storing cPanel credentials (hostname, username, API key) in files under th...
WordPress TNC Toolbox: Web Performance plugin <= 1.4.2 - Unauthenticated Sensitive Information Exposure to Privilege Escalation/cPanel Account Takeover vulnerability
Unauthenticated Sensitive Information Exposure to Privilege Escalation/cPanel Account Takeover vulnerability discovered by kr0d in WordPress Plugin TNC Toolbox: Web Performance versions = 1.4.2...
WordPress plugin TNC Toolbox Web Performance 安全漏洞
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin TNC Toolbox Web Performance, which stem...
PT-2025-46321
Name of the Vulnerable Software and Affected Versions TNC Toolbox: Web Performance plugin for WordPress versions up to and including 1.4.2 Description The TNC Toolbox: Web Performance plugin for WordPress is affected by a sensitive information exposure issue. The plugin stores cPanel API...
Video with alpha transparency on the web
I've been helping some teams at Shopify improve page load performance, and the issue of 'videos with an alpha channel' kept coming up, where videos of UI mocks needed to be composited on top of inconsistent backgrounds, such as larger CSS backgrounds. Often a good solution here is to create the...
Beyond CWV: 11 More Performance Metrics to Monitor, Part 3 of 5
Learn the differences between synthetic tests and real user monitoring, and discover 11 web performance metrics beyond the Core Web Vitals — and how to use them...