CVE-2024-4936

moderate-risk
Published 2024-06-14

The Canto plugin for WordPress is vulnerable to Remote File Inclusion in all versions up to, and including, 3.0.8 via the abspath parameter. This makes it possible for unauthenticated attackers to include remote files on the server, resulting in code execution. This required allow_url_include to be enabled on the target site in order to exploit.

Do I need to act?

!
11.7% chance of exploitation in next 30 days
EPSS score — higher than 88% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

Canto

References (5)

Patch https://plugins.trac.wordpress.org/browser/canto/trunk/includes/lib/sizes.php#L1...
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old...
Patch https://www.wordfence.com/threat-intel/vulnerabilities/id/95a68ae0-36da-499b-a09...
Patch https://plugins.trac.wordpress.org/browser/canto/trunk/includes/lib/sizes.php#L1...
Patch https://www.wordfence.com/threat-intel/vulnerabilities/id/95a68ae0-36da-499b-a09...
48
/ 100
moderate-risk
Severity 32/34 · Critical
Exploitability 11/34 · Low
Exposure 5/34 · Minimal