Vulnerabilities > Canto > Canto

DATE CVE VULNERABILITY TITLE RISK
2023-08-12 CVE-2023-3452 Unspecified vulnerability in Canto 1.3.0
The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up to, and including, 3.0.4 via the 'wp_abspath' parameter.
network
low complexity
canto
critical
 9.8
9.8
2020-11-30 CVE-2020-28978 Server-Side Request Forgery (SSRF) vulnerability in Canto 1.3.0
The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability.
network
low complexity
canto CWE-918
5.0
5.0
2020-11-30 CVE-2020-28977 Server-Side Request Forgery (SSRF) vulnerability in Canto 1.3.0
The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability.
network
low complexity
canto CWE-918
5.0
5.0
2020-11-30 CVE-2020-28976 Server-Side Request Forgery (SSRF) vulnerability in Canto 1.3.0
The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability.
network
low complexity
canto CWE-918
5.0
5.0
2020-11-10 CVE-2020-24063 Server-Side Request Forgery (SSRF) vulnerability in Canto 1.3.0
The Canto plugin 1.3.0 for WordPress allows includes/lib/download.php?subdomain= SSRF.
network
low complexity
canto CWE-918
5.0
5.0