CVE-2023-3452

Description

The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up to, and including, 3.0.4 via the 'wp_abspath' parameter. This allows unauthenticated attackers to include and execute arbitrary remote code on the server, provided that allow_url_include is enabled. Local File Inclusion is also possible, albeit less useful because it requires that the attacker be able to upload a malicious php file via FTP or some other means into a directory readable by the web server.

NVD
Severity: N/A
CVE ID: CVE-2023-3452
CVSS Score: N/A
CVSS Metrics: NVD assessment not yet provided.

Wordfence
Severity: CRITICAL
CVE ID: CVE-2023-3452
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Refrence: NVD MITRE

Proof Of Concept

leoanggal1

Wordpress Plugin Canto < 3.0.5 - Remote File Inclusion (RFI) and Remote Code Execution (RCE)

Refrence: GitHub

Description​

Proof Of Concept​

Description

Proof Of Concept