CVE-2020-28978

Published: 30/11/2020 Updated: 04/01/2022
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. It allows an unauthenticated attacker to make a request to any internal or external server via /includes/lib/tree.php?subdomain=SSRF.

Vulnerability Trend


canto canto 1.3.0

Exploits

# Exploit Title: WordPress Plugin Canto 1.3.0 - Blind SSRF (Unauthenticated)
# Date: 03/12/2020
# Exploit Author: Pankaj Verma (_p4nk4j)
# Vendor Homepage: www.canto.com/integrations/wordpress/
# Software Link: github.com/CantoDAM/Canto-Wordpress-Plugin
# Version: 1.3.0
# Tested on: Ubuntu 18.04
# CVE: CVE-2020-28976, CVE-2020-28977 ...

WordPress Canto plugin version 1.3.0 suffers from an unauthenticated server-side request forgery vulnerability ...