Vulnerabilities > CVE-2023-3452 - Unspecified vulnerability in Canto

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

canto

critical

NVD

Published: 2023-08-12

Updated: 2023-11-07

Summary

The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up to, and including, 3.0.4 via the 'wp_abspath' parameter. This allows unauthenticated attackers to include and execute arbitrary remote code on the server, provided that allow_url_include is enabled. Local File Inclusion is also possible, albeit less useful because it requires that the attacker be able to upload a malicious php file via FTP or some other means into a directory readable by the web server.

Vulnerable Configurations

Part	Description	Count
Application	Canto Canto Canto - Canto Canto 1.0.0 Canto Canto 1.1.0 Canto Canto 1.2.0 Canto Canto 1.2.1 Canto Canto 1.3.0 Canto Canto 1.4.0 Canto Canto 1.5.0 Canto Canto 1.6.0 Canto Canto 1.7.0 Canto Canto 1.8.0 Canto Canto 1.9.0 Canto Canto 2.0.0 Canto Canto 2.0.1 Canto Canto 2.0.2 Canto Canto 2.0.3 Canto Canto 2.0.4 Canto Canto 2.0.5 Canto Canto 2.0.6 Canto Canto 2.0.7 Canto Canto 2.0.8 Canto Canto 2.0.9 Canto Canto 2.0.10 Canto Canto 2.1.1 Canto Canto 2.1.1.1 Canto Canto 2.1.2 Canto Canto 3.0.0 Canto Canto 3.0.1 Canto Canto 3.0.2 Canto Canto 3.0.3 Canto Canto 3.0.4	31

Summary

Vulnerable Configurations

References