Product
canto
9 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-4936
CVE-2024-25096
CVE-2023-3452
CVE-2022-40305
CVE-2020-28978
CVE-2020-28977
CVE-2020-28976
CVE-2020-24063
CVE-2013-7416
< 3.0.9
The Canto plugin for WordPress is vulnerable to Remote File Inclusion in all versions up to, and including, 3.0.8 via the abspath
<= 3.0.7
Improper Control of Generation of Code ('Code Injection') vulnerability in Canto Inc. Canto allows Code Injection.This issue affec
<= 3.0.4
The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up to, and including, 3.0.4 via the 'wp_abspath'
<= 11.1.3
A Server-Side Request Forgery issue in Canto Cumulus through 11.1.3 allows attackers to enumerate the internal network, overload n
all versions
The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an unauthenticated attacker can make a request t
all versions
The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an unauthenticated attacker can make a request t
all versions
The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. It allows an unauthenticated attacker can make a request
all versions
The Canto plugin 1.3.0 for WordPress allows includes/lib/download.php?subdomain= SSRF.
<= 0.9.0
canto_curses/guibase.py in Canto Curses before 0.9.0 allows remote feed servers to execute arbitrary commands via shell metacharac