Lucene search
+L

77 matches found

osv
osv
added 2020/11/30 2:15 p.m.5 views

CVE-2020-28977

The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/get.php?subdomain=SSRF...

5.3CVSS6.1AI score0.15254EPSS
Exploits3References5
prion
prion
added 2020/11/30 2:15 p.m.20 views

Server side request forgery (ssrf)

The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/tree.php?subdomain=SSRF...

5CVSS5.3AI score0.15254EPSS
Exploits3References5Affected Software1
prion
prion
added 2020/11/30 2:15 p.m.16 views

Server side request forgery (ssrf)

The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/get.php?subdomain=SSRF...

5CVSS5.3AI score0.15254EPSS
Exploits3References5Affected Software1
prion
prion
added 2020/11/30 2:15 p.m.25 views

Server side request forgery (ssrf)

The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/detail.php?subdomain=SSRF...

5CVSS5.3AI score0.27771EPSS
Exploits3References5Affected Software1
cvelist
cvelist
added 2020/11/30 1:21 p.m.18 views

CVE-2020-28978

The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/tree.php?subdomain=SSRF...

5.3AI score0.15254EPSS
Exploits3References5
cvelist
cvelist
added 2020/11/30 1:19 p.m.20 views

CVE-2020-28977

The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/get.php?subdomain=SSRF...

5.3AI score0.15254EPSS
Exploits3References5
cve
cve
added 2020/11/30 1:19 p.m.72 views

CVE-2020-28977

The CVE-2020-28977 entry corresponds to the WordPress Canto plugin vulnerability (version 1.3.0). It is a blind Server-Side Request Forgery (SSRF) flaw that allows an unauthenticated attacker to cause requests to internal or external servers by supplying a malicious subdomain parameter in the plu...

5.3CVSS5.3AI score0.15254EPSS
Exploits3References5Affected Software1
cvelist
cvelist
added 2020/11/30 1:14 p.m.20 views

CVE-2020-28976

The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/detail.php?subdomain=SSRF...

5.3AI score0.27771EPSS
Exploits3References5
cve
cve
added 2020/11/30 1:14 p.m.89 views

CVE-2020-28976

The CVE-2020-28976 entry relates to WordPress Canto plugin 1.3.0, which is vulnerable to blind Server-Side Request Forgery. The flaw allows an unauthenticated attacker to cause requests to arbitrary internal/external hosts via the subdomain parameter in endpoints such as includes/lib/detail.php?s...

5.3CVSS5.2AI score0.27771EPSS
Exploits3References5Affected Software1
cnnvd
cnnvd
added 2020/11/30 12:0 a.m.10 views

WordPress Canto plugin 代码问题漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A server-side request forgery vulnerability exists in WordPress Canto plugin 1.3.0. An attacker can...

5.3CVSS6AI score0.15254EPSS
Exploits3References8
cnnvd
cnnvd
added 2020/11/30 12:0 a.m.9 views

WordPress Canto plugin 代码问题漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A server-side request forgery vulnerability exists in WordPress Canto plugin 1.3.0. An attacker can...

5.3CVSS6AI score0.27771EPSS
Exploits3References8
cnnvd
cnnvd
added 2020/11/30 12:0 a.m.9 views

WordPress Canto plugin 代码问题漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A server-side request forgery vulnerability exists in WordPress Canto plugin 1.3.0. An attacker can...

5.3CVSS6AI score0.15254EPSS
Exploits3References8
cnvd
cnvd
added 2020/11/12 12:0 a.m.2 views

WordPress Canto plugin server-side request forgery vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. uninstall is one of the plugins used to completely uninstall WordPress. A server-side request forgery vulnerability exists in the...

7.2CVSS7AI score0.01446EPSS
Exploits0References1
osv
osv
added 2020/11/10 9:15 p.m.2 views

CVE-2020-24063

The Canto plugin 1.3.0 for WordPress allows includes/lib/download.php?subdomain= SSRF...

7.2CVSS7.1AI score0.01446EPSS
Exploits0References4
nvd
nvd
added 2020/11/10 9:15 p.m.17 views

CVE-2020-24063

The Canto plugin 1.3.0 for WordPress allows includes/lib/download.php?subdomain= SSRF...

7.2CVSS7.1AI score0.01446EPSS
Exploits0References4
prion
prion
added 2020/11/10 9:15 p.m.13 views

Server side request forgery (ssrf)

The Canto plugin 1.3.0 for WordPress allows includes/lib/download.php?subdomain= SSRF...

5CVSS7AI score0.01446EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2020/11/10 8:5 p.m.17 views

CVE-2020-24063

The Canto plugin 1.3.0 for WordPress allows includes/lib/download.php?subdomain= SSRF...

7.1AI score0.01446EPSS
Exploits0References4
Rows per page
Query Builder