Vulnerability Details CVE-2020-24063
The Canto plugin 1.3.0 for WordPress allows includes/lib/download.php?subdomain= SSRF.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.7%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 5.0
References
- https://gist.github.com/Hakooraevil/264cb21034f946eee62371e9111c36bb
- https://github.com/CantoDAM/Canto-Wordpress-Plugin
- https://wordpress.org/plugins/canto/#developers
- https://www.canto.com/integrations/wordpress/
- https://gist.github.com/Hakooraevil/264cb21034f946eee62371e9111c36bb
- https://github.com/CantoDAM/Canto-Wordpress-Plugin
- https://wordpress.org/plugins/canto/#developers
- https://www.canto.com/integrations/wordpress/