Flightbycanto Canto vulnerabilities
4 known vulnerabilities affecting flightbycanto/canto.
Total CVEs: 4
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: CRITICAL 2, MEDIUM 2
Vulnerabilities
CVE-2023-3452 | P2 | CRITICAL | CVSS 9.8 | PoC available | Affected: ≤ 3.0.4 | Date: 2023-08-12
CWE-98
The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up to, and including, 3.0.4 via the 'wp_abspath' parameter. This allows unauthenticated attackers to include and execute arbitrary remote code on the server, provided that allow_url_include is enabled. Local File Inclusion is also possible, albeit less useful because it
Source: nvd
CVE-2024-4936 | P2 | CRITICAL | CVSS 9.8 | Affected: ≤ 3.0.8 | Date: 2024-06-14
CWE-98
The Canto plugin for WordPress is vulnerable to Remote File Inclusion in all versions up to, and including, 3.0.8 via the abspath parameter. This makes it possible for unauthenticated attackers to include remote files on the server, resulting in code execution. This required allow_url_include to be enabled on the target site in order to exploit.
Source: nvd
CVE-2026-3335 | P3 | MEDIUM | CVSS 5.3 | Affected: ≤ 3.1.1 | Date: 2026-03-21
CWE-862
The Canto plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.1.1 via the `/wp-content/plugins/canto/includes/lib/copy-media.php` file. This is due to the file being directly accessible without any authentication, authorization, or nonce checks, and the `fbc_flight_domain` and `fbc_app_api` URL component
Source: nvd
CVE-2026-6441 | P4 | MEDIUM | CVSS 4.3 | Affected: ≤ 3.1.1 | Date: 2026-04-17
CWE-862
The Canto plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 3.1.1. This is due to the absence of any capability check or nonce verification in the updateOptions() function, which is exposed via two AJAX hooks: wp_ajax_updateOptions (class-canto.php line 231) and wp_ajax_fbc_updateOptions (class-canto-settings.
Source: nvd