Vulnerability Description
The Canto plugin for WordPress is vulnerable to Remote File Inclusion in all versions up to, and including, 3.0.8 via the abspath parameter. This makes it possible for unauthenticated attackers to include remote files on the server, resulting in code execution. This required allow_url_include to be enabled on the target site in order to exploit.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Canto | Canto | < 3.0.9 |
Related Weaknesses (CWE)
References
- https://plugins.trac.wordpress.org/browser/canto/trunk/includes/lib/sizes.php#L1Patch
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old
- https://www.wordfence.com/threat-intel/vulnerabilities/id/95a68ae0-36da-499b-a09PatchThird Party Advisory
- https://plugins.trac.wordpress.org/browser/canto/trunk/includes/lib/sizes.php#L1Patch
- https://www.wordfence.com/threat-intel/vulnerabilities/id/95a68ae0-36da-499b-a09PatchThird Party Advisory
FAQ
What is CVE-2024-4936?
CVE-2024-4936 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The Canto plugin for WordPress is vulnerable to Remote File Inclusion in all versions up to, and including, 3.0.8 via the abspath parameter. This makes it possible for unauthenticated attackers to inc...
How severe is CVE-2024-4936?
CVE-2024-4936 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2024-4936?
Check the references section above for vendor advisories and patch information. Affected products include: Canto Canto.