4 matches found
PT-2025-40021
Name of the Vulnerable Software and Affected Versions LiquidFiles versions prior to 4.2 Description The application exhibits a user enumeration issue in its password reset functionality. An unauthenticated attacker can determine the existence of user accounts by observing distinguishable response...
CVE-2022-2939 WP Cerber Security <= 9.0 - User Enumeration Bypass
The WP Cerber Security plugin for WordPress is vulnerable to security protection bypass in versions up to, and including 9.0, that makes user enumeration possible. This is due to improper validation on the value supplied through the 'author' parameter found in the /cerber-load.php file. In...
CVE-2019-11716
Until explicitly accessed by script, window.globalThis is not enumerable and, as a result, is not visible to code such as Object.getOwnPropertyNameswindow. Sites that deploy a sandboxing that depends on enumerating and freezing access to the window object may miss this, allowing their sandboxes t...
CVE-2019-11716
Until explicitly accessed by script, window.globalThis is not enumerable and, as a result, is not visible to code such as Object.getOwnPropertyNameswindow. Sites that deploy a sandboxing that depends on enumerating and freezing access to the window object may miss this, allowing their sandboxes t...