Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WordPress Plugin Canto Multiple Server-Side Request Forgery Vulnerabilities - CVE-2020-28978 - Vulnerability Database
WP Plugin Canto

WordPress Plugin Canto Multiple Server-Side Request Forgery Vulnerabilities - CVE-2020-28978

High
Reference: CVE-2020-28978
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-28978
Title: WordPress Plugin Canto Multiple Server-Side Request Forgery Vulnerabilities
Overview:

WordPress Plugin Canto is prone to multiple server-side request forgery vulnerabilities. An attacker may leverage these issues to make the vulnerable server perform port scanning of hosts in internal or external networks other attacks are also possible. WordPress Plugin Canto version 1.7.0 is vulnerable prior versions may also be affected.