WordPress Canto 1.3.0 - Blind Server-Side Request Forgery

WordPress Canto plugin 1.3.0 is susceptible to blind server-side request forgery. An attacker can make a request to any internal and external server via /includes/lib/detail.php?subdomain and thereby possibly obtain sensitive information, modify data, and/or execute unauthorized administrative...

WordPress Canto Plugin <= 3.0.4 - File Inclusion

Canto plugin for WordPress up to version 3.0.4 contains a remote file inclusion caused by the 'wpabspath' parameter, letting unauthenticated attackers include and execute arbitrary remote code if allowurlinclude is enabled, exploit requires allowurlinclude to be enabled. id: CVE-2023-3452 info:...

EUVD-2026-23382

The Canto plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 3.1.1. This is due to the absence of any capability check or nonce verification in the updateOptions function, which is exposed via two AJAX hooks: wpajaxupdateOptions class-canto.php line 231 an...

CVE-2026-6441

The Canto plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 3.1.1. This is due to the absence of any capability check or nonce verification in the updateOptions function, which is exposed via two AJAX hooks: wpajaxupdateOptions class-canto.php line 231 an...

CVE-2026-6441 Canto <= 3.1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Setting Modification

The Canto plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 3.1.1. This is due to the absence of any capability check or nonce verification in the updateOptions function, which is exposed via two AJAX hooks: wpajaxupdateOptions class-canto.php line 231 an...

CVE-2026-6441

The Canto plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 3.1.1. This is due to the absence of any capability check or nonce verification in the updateOptions function, which is exposed via two AJAX hooks: wpajaxupdateOptions class-canto.php line 231 an...

CVE-2026-6441 Canto <= 3.1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Setting Modification

The Canto plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 3.1.1. This is due to the absence of any capability check or nonce verification in the updateOptions function, which is exposed via two AJAX hooks: wpajaxupdateOptions class-canto.php line 231 an...

CVE-2026-6441

CVE-2026-6441 affects the WordPress Canto plugin up to version 3.1.1. The vulnerability arises from Missing Authorization in updateOptions(), which lacks any capability checks or nonce verification. The vulnerable function is exposed via two AJAX hooks (wp_ajax_updateOptions and wp_ajax_fbc_updat...

WordPress Canto plugin <= 3.1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Setting Modification vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Setting Modification vulnerability discovered by Legion Hunter in WordPress Plugin Canto versions = 3.1.1...

WordPress plugin Canto 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-33415

Name of the Vulnerable Software and Affected Versions Canto plugin for WordPress versions prior to 3.1.2 Description Missing authorization occurs due to the absence of capability checks or nonce verification in the updateOptions function. This function is exposed via two AJAX hooks: 'wp ajax...

CVE-2026-3335

The Canto plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.1.1 via the /wp-content/plugins/canto/includes/lib/copy-media.php file. This is due to the file being directly accessible without any authentication, authorization, or nonce checks, and t...

WordPress Canto plugin <= 3.1.1 - Missing Authorization to Unauthenticated File Upload vulnerability

Missing Authorization to Unauthenticated File Upload vulnerability discovered by oddshacker in WordPress Plugin Canto versions = 3.1.1...

CVE-2026-3335

The Canto plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.1.1 via the /wp-content/plugins/canto/includes/lib/copy-media.php file. This is due to the file being directly accessible without any authentication, authorization, or nonce checks, and t...

CVE-2026-3335 Canto <= 3.1.1 - Missing Authorization to Unauthenticated File Upload

The Canto plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.1.1 via the /wp-content/plugins/canto/includes/lib/copy-media.php file. This is due to the file being directly accessible without any authentication, authorization, or nonce checks, and t...

CVE-2026-3335

The CVE-2026-3335 entry concerns the WordPress Canto plugin (versions up to 3.1.1). The vulnerability is in missing authorization via the file at wp-content/plugins/canto/includes/lib/copy-media.php, which is directly accessible without authentication or nonce checks. The issue arises because fbc...

CVE-2026-3335

The Canto plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.1.1 via the /wp-content/plugins/canto/includes/lib/copy-media.php file. This is due to the file being directly accessible without any authentication, authorization, or nonce checks, and t...

CVE-2026-3335 Canto <= 3.1.1 - Missing Authorization to Unauthenticated File Upload

The Canto plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.1.1 via the /wp-content/plugins/canto/includes/lib/copy-media.php file. This is due to the file being directly accessible without any authentication, authorization, or nonce checks, and t...

PT-2026-26851

The Canto plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.1.1 via the /wp-content/plugins/canto/includes/lib/copy-media.php file. This is due to the file being directly accessible without any authentication, authorization, or nonce checks, and t...

WordPress plugin Canto 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...