CantoDAM/Canto-Wordpress-Plugin
GitHub
Releases0
Stars3
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| 5.3 MEDIUM | 5 MEDIUM | ||
The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/detail.php?subdomain=SSRF. | |||
| 5.3 MEDIUM | 5 MEDIUM | ||
The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/get.php?subdomain=SSRF. | |||
| 5.3 MEDIUM | 5 MEDIUM | ||
The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/tree.php?subdomain=SSRF. | |||
| 7.2 HIGH | 5 MEDIUM | ||
The Canto plugin 1.3.0 for WordPress allows includes/lib/download.php?subdomain= SSRF. | |||