WordPress Canto plugin <= 3.1.1 - Missing Authorization to Unauthenticated File Upload vulnerability

Missing Authorization to Unauthenticated File Upload vulnerability discovered by oddshacker in WordPress Plugin Canto versions = 3.1.1...

📄 WordPress Canto 3.0.4 Remote File Inclusion

This is a Metasploit module that exploits a remote file inclusion vulnerability in WordPress Canto plugin versions 3.0.4 and below. ============================================================================================================================================= | Title : WordPress Can...

WordPress Canto Plugin <= 3.0.8 is vulnerable to Local File Inclusion

Software Canto Type Plugin Vulnerable versions = 3.0.8 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-4936 Patch priority Low CVSS severity Low 9.8 Developer Claim ownership PSID becb06bae3de Credits Sushi Com Abacate Required privilege Unauthenticated...

WordPress Canto Plugin <= 3.0.4 is vulnerable to Remote File Inclusion

Software Canto Type Plugin Vulnerable versions = 3.0.4 Fixed in 3.0.5 OWASP Top 10 A1: Injection Classification Remote File Inclusion CVE CVE-2023-3452 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID aabfee448799 Credits Marco Wotschka Required privilege Unauthenticated...

WordPress Canto plugin <= 1.7.0 - Unauthenticated Blind Server-Side Request Forgery (SSRF) vulnerability

Unauthenticated Blind Server-Side Request Forgery SSRF vulnerability found by Pankaj Verma p4nk4jv in WordPress Canto plugin versions = 1.7.0. Solution 2020-12-01 - we were unable to find a patched version of this plugin...

WordPress Canto plugin 代码问题漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A server-side request forgery vulnerability exists in WordPress Canto plugin 1.3.0. An attacker can...