The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/tree.php?subdomain=SSRF.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
canto canto 1.3.0 |