CVE-2020-28976

Name of the Vulnerable Software and Affected Versions Canto plugin version 1.3.0 for WordPress

Description The issue allows an unauthenticated attacker to make a request to any internal and external server via the /includes/lib/detail.php endpoint with the subdomain variable set to SSRF. This enables the attacker to exploit the blind Server-Side Request Forgery (SSRF) vulnerability.

Recommendations For Canto plugin version 1.3.0, consider disabling the /includes/lib/detail.php endpoint or restricting access to it until a patch is available. Avoid using the subdomain variable in the affected endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.