Known Vulnerabilities for products from Canto
Listed below are 8 of the newest known vulnerabilities associated with the vendor "Canto".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-6441 json | Not Provided | 2026-04-17 | 2026-04-17 | |
| CVE-2024-4936 json | The Canto plugin for WordPress is vulnerable to Remote File Inclusion in all versions up to, and including, 3.0.8 via the abs... | Not Provided | 2024-06-14 | 2026-04-08 |
| CVE-2023-3452 json | The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up to, and including, 3.0.4 via the 'wp_abs... | Not Provided | 2023-08-12 | 2026-04-08 |
| CVE-2022-40305 json | A Server-Side Request Forgery issue in Canto Cumulus through 11.1.3 allows attackers to enumerate the internal network, overl... | 9.8 - CRITICAL | 2022-09-09 | 2022-09-10 |
| CVE-2020-28978 json | The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an unauthenticated attacker can make a requ... | 5.3 - MEDIUM | 2020-11-30 | 2022-01-04 |
| CVE-2020-28977 json | The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an unauthenticated attacker can make a requ... | 5.3 - MEDIUM | 2020-11-30 | 2022-01-04 |
| CVE-2020-28976 json | The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. It allows an unauthenticated attacker can make a re... | 5.3 - MEDIUM | 2020-11-30 | 2022-01-04 |
| CVE-2020-24063 json | The Canto plugin 1.3.0 for WordPress allows includes/lib/download.php?subdomain= SSRF. | 7.2 - HIGH | 2020-11-10 | 2020-12-01 |
| CVE-2013-7416 json | canto_curses/guibase.py in Canto Curses before 0.9.0 allows remote feed servers to execute arbitrary commands via shell metac... | 7.5 - HIGH | 2014-12-03 | 2017-09-08 |
Known software with vulnerabilities from Canto
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Canto | Canto | 1.3.0 |