VYPR

TNC Toolbox: Web Performance

by Merlot Digital (by TNC)

Source repositories

CVEs (2)

  • CVE-2025-12539CriNov 11, 2025
    risk 0.58cvss 10.0epss 0.01

    The TNC Toolbox: Web Performance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.2. This is due to the plugin storing cPanel API credentials (hostname, username, and API key) in files within the web-accessible…

  • CVE-2025-66108MedNov 21, 2025
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in Merlot Digital (by TNC) TNC Toolbox: Web Performance tnc-toolbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TNC Toolbox: Web Performance: from n/a through <= 2.0.4.