Search Results | AttackerKB

Show filters

Topics 4 Users 9,748

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

4 Total Results

Displaying 1-4 of 4

Attacker Value

Unknown

CVE-2020-28976

Disclosure Date: November 30, 2020 (last updated February 22, 2025)

The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/detail.php?subdomain=SSRF.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2020-28978

Disclosure Date: November 30, 2020 (last updated February 22, 2025)

The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/tree.php?subdomain=SSRF.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2020-28977

Disclosure Date: November 30, 2020 (last updated February 22, 2025)

The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/get.php?subdomain=SSRF.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2020-24063

Disclosure Date: November 10, 2020 (last updated February 22, 2025)

The Canto plugin 1.3.0 for WordPress allows includes/lib/download.php?subdomain= SSRF.

Attack Vector: Network Privileges: None User Interaction: None

0