CVE-2020-28978 - Server-Side Request Forgery (SSRF) vulnerability in Canto 1.3.0
Metric | Value |
---|---|
Attack vector | NETWORK |
Attack complexity | LOW |
Privileges required | NONE |
Confidentiality impact | PARTIAL |
Integrity impact | NONE |
Availability impact | NONE |
Summary
The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. It allows an unauthenticated attacker to make a request to any internal or external server via /includes/lib/tree.php?subdomain=SSRF.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 1 |
Common Weakness Enumeration (CWE)
References
- https://www.canto.com/integrations/wordpress/
- https://github.com/CantoDAM/Canto-Wordpress-Plugin
- https://gist.github.com/p4nk4jv/87aebd999ce4b28063943480e95fd9e0
- https://wordpress.org/plugins/canto/#developers
- http://packetstormsecurity.com/files/160358/WordPress-Canto-1.3.0-Server-Side-Request-Forgery.html