Exposure of Canto
Digital asset management19
exposure score
316
sites use
0
exploited
3
critical
CVEs
5 resultsCVE-2023-3452CRITICALCanto <= 3.0.4 - Unauthenticated Remote File InclusionEPSS 5.6%CVE-2024-4936CRITICALCanto <= 3.0.8 - Unauthenticated Remote File InclusionEPSS 1.0%CVE-2024-25096CRITICALWordPress canto plugin <= 3.0.7 - Unauth. Remote Code Execution (RCE) vulnerabilityEPSS 0.7%CVE-2026-3335MEDIUMCanto <= 3.1.1 - Missing Authorization to Unauthenticated File UploadEPSS 0.4%CVE-2026-6441MEDIUMCanto <= 3.1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Setting ModificationEPSS 0.3%
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →