CVE-2020-28977

Name of the Vulnerable Software and Affected Versions Canto plugin version 1.3.0 for WordPress

Description The issue allows an unauthenticated attacker to make a request to any internal and external server via the /includes/lib/get.php endpoint with the subdomain variable set to SSRF. This enables blind Server-Side Request Forgery (SSRF) attacks.

Recommendations For Canto plugin version 1.3.0, consider disabling the /includes/lib/get.php endpoint or restricting access to it until a patch is available. Avoid using the subdomain variable in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.