Lucene search
K

77 matches found

0day.today
0day.today
added 2024/02/27 12:0 a.m.541 views

Wordpress Canto Plugin < 3.0.5 - Remote File Inclusion and Remote Code Execution Exploit

Exploit Title: Wordpress Plugin Canto " def createadminfilelocaldir, localshell=None: if not os.path.existslocaldir: os.makedirslocaldir If a local shell is p...

9.8CVSS7AI score0.0562EPSS
Exploits7
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.31 views

Canto < 3.0.7 - Unauthenticated RCE

Description The plugin is vulnerable to Remote Code Execution via the 'abspath' parameter due to the use of the includeonce statement on the parameter allowing remote file inclusion. This makes it possible for unauthenticated attackers to execute code on the server...

10CVSS9.9AI score0.00687EPSS
Exploits2References1Affected Software1
OSV
OSV
added 2023/08/12 3:15 a.m.4 views

CVE-2023-3452

The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up to, and including, 3.0.4 via the 'wpabspath' parameter. This allows unauthenticated attackers to include and execute arbitrary remote code on the server, provided that allowurlinclude is enabled. Local File...

9.8CVSS7.8AI score0.0562EPSS
Exploits7References3
Prion
Prion
added 2023/08/12 3:15 a.m.31 views

Remote file inclusion

The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up to, and including, 3.0.4 via the 'wpabspath' parameter. This allows unauthenticated attackers to include and execute arbitrary remote code on the server, provided that allowurlinclude is enabled. Local File...

7.5CVSS9.8AI score0.0562EPSS
Exploits7References3Affected Software1
Cvelist
Cvelist
added 2023/08/12 2:5 a.m.47 views

CVE-2023-3452 Canto <= 3.0.4 - Unauthenticated Remote File Inclusion

The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up to, and including, 3.0.4 via the 'wpabspath' parameter. This allows unauthenticated attackers to include and execute arbitrary remote code on the server, provided that allowurlinclude is enabled. Local File...

9.8CVSS10AI score0.0562EPSS
Exploits7References3
Vulnrichment
Vulnrichment
added 2023/08/12 2:5 a.m.19 views

CVE-2023-3452

The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up to, and including, 3.0.4 via the 'wpabspath' parameter. This allows unauthenticated attackers to include and execute arbitrary remote code on the server, provided that allowurlinclude is enabled. Local File...

9.8CVSS9.8AI score0.0562EPSS
Exploits7References3
CVE
CVE
added 2023/08/12 2:5 a.m.85 views

CVE-2023-3452

The CVE-2023-3452 entry concerns the WordPress Canto plugin (versions up to and including 3.0.4). The root cause is improper handling of the wp_abspath parameter, enabling Remote File Inclusion (RFI); if allow_url_include is enabled, an unauthenticated attacker can include and execute remote code...

9.8CVSS9.7AI score0.0562EPSS
Exploits7References3Affected Software1
CNNVD
CNNVD
added 2023/08/12 12:0 a.m.11 views

WordPress plugin Canto security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

9.8CVSS6.9AI score0.0562EPSS
Exploits7References4
Patchstack
Patchstack
added 2023/08/09 12:0 a.m.20 views

WordPress Canto Plugin <= 3.0.4 is vulnerable to Remote File Inclusion

Software Canto Type Plugin Vulnerable versions = 3.0.4 Fixed in 3.0.5 OWASP Top 10 A1: Injection Classification Remote File Inclusion CVE CVE-2023-3452 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID aabfee448799 Credits Marco Wotschka Required privilege Unauthenticated...

9.8CVSS6.7AI score0.0562EPSS
Exploits7References3Affected Software1
Check Point Advisories
Check Point Advisories
added 2020/12/27 12:0 a.m.30 views

WordPress Canto Plugin Server-Side Request Forgery (CVE-2020-28976; CVE-2020-28977; CVE-2020-28978)

A sever-side request forgery vulnerability exists in WordPress Canto Plugin. The vulnerability is due to a lack of validation on the subdomain parameter in HTTP requests. Successful exploitation of this vulnerability could allow an unauthenticated attacker to make a request to any internal and...

5CVSS1.3AI score0.27771EPSS
Exploits3
Packet Storm
Packet Storm
added 2020/12/04 12:0 a.m.815 views

WordPress Canto 1.3.0 Server-Side Request Forgery

Exploit Title: Wordpress Plugin Canto 1.3.0 - Blind SSRF Unauthenticated Date: 03/12/2020 Exploit Author: Pankaj Verma p4nk4j Vendor Homepage: https://www.canto.com/integrations/wordpress/ Software Link: https://github.com/CantoDAM/Canto-Wordpress-Plugin Version: 1.3.0 Tested on: Ubuntu 18.04 CVE...

5CVSS1.1AI score0.27771EPSS
Exploits3
CNVD
CNVD
added 2020/12/01 12:0 a.m.5 views

WordPress Canto plugin server-side request forgery vulnerability (CNVD-2020-68545)

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A server-side request forgery vulnerability exists in WordPress Canto plugin 1.3.0. An attacker can...

5.3CVSS6.8AI score0.27771EPSS
Exploits3References1
Patchstack
Patchstack
added 2020/12/01 12:0 a.m.8 views

WordPress Canto plugin <= 1.7.0 - Unauthenticated Blind Server-Side Request Forgery (SSRF) vulnerability

Unauthenticated Blind Server-Side Request Forgery SSRF vulnerability found by Pankaj Verma p4nk4jv in WordPress Canto plugin versions = 1.7.0. Solution 2020-12-01 - we were unable to find a patched version of this plugin...

4AI score
Exploits0References2Affected Software1
CNVD
CNVD
added 2020/12/01 12:0 a.m.6 views

WordPress Canto plugin server-side request forgery vulnerability (CNVD-2020-68546)

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A server-side request forgery vulnerability exists in WordPress Canto plugin 1.3.0. An attacker can...

5.3CVSS6.8AI score0.15254EPSS
Exploits3References1
CNVD
CNVD
added 2020/12/01 12:0 a.m.6 views

WordPress Canto plugin server-side request forgery vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A server-side request forgery vulnerability exists in WordPress Canto plugin 1.3.0. An attacker can...

5.3CVSS6.8AI score0.15254EPSS
Exploits3References1
OSV
OSV
added 2020/11/30 2:15 p.m.5 views

CVE-2020-28976

The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/detail.php?subdomain=SSRF...

5.3CVSS6.1AI score0.27771EPSS
Exploits3References5
NVD
NVD
added 2020/11/30 2:15 p.m.22 views

CVE-2020-28977

The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/get.php?subdomain=SSRF...

5.3CVSS5.4AI score0.15254EPSS
Exploits3References5
OSV
OSV
added 2020/11/30 2:15 p.m.4 views

CVE-2020-28978

The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/tree.php?subdomain=SSRF...

5.3CVSS6.1AI score0.15254EPSS
Exploits3References5
NVD
NVD
added 2020/11/30 2:15 p.m.20 views

CVE-2020-28976

The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/detail.php?subdomain=SSRF...

5.3CVSS5.3AI score0.27771EPSS
Exploits3References5
OSV
OSV
added 2020/11/30 2:15 p.m.5 views

CVE-2020-28977

The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/get.php?subdomain=SSRF...

5.3CVSS6.1AI score0.15254EPSS
Exploits3References5
Rows per page
Query Builder