Flightbycanto Canto
4 CVEs affecting Flightbycanto Canto. Latest disclosed: 2026-04-17. Critical: 2, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-4936 | Critical | 9.8 | 2024-06-14 | The Canto plugin for WordPress is vulnerable to Remote File Inclusion in all versions up to, and including, 3.0.8 via the abspath parameter. This makes it poss… |
CVE-2023-3452 | Critical | 9.8 | 2023-08-12 | The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up to, and including, 3.0.4 via the 'wp_abspath' parameter. This allows unaut… |
CVE-2026-3335 | Medium | 5.3 | 2026-03-21 | The Canto plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.1.1 via the `/wp-content/plugins/canto/includes/l… |
CVE-2026-6441 | Medium | 4.3 | 2026-04-17 | The Canto plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 3.1.1. This is due to the absence of any capability check… |