Description
AccessControl/AuthEncoding.py in Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain passwords via vectors involving timing discrepancies in password validation.
Remediation
References
Related Vulnerabilities
PHP Other Vulnerability (CVE-2007-1379)
WordPress 4.0.x Arbitrary File Deletion Vulnerability (4.0 - 4.0.23)
WordPress Plugin ADIF Log Search Widget Cross-Site Scripting (1.0e)
WordPress Plugin Anti-Malware Security and Brute-Force Firewall Local File Inclusion (4.18.63)
WordPress 4.9.x Denial of Service Vulnerability (4.9 - 4.9.4)