The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/detail.php?subdomain=SSRF.Referenceshttps://github.com/CantoDAM/Canto-Wordpress-Pluginhttps://www.canto.com/integrations/wordpress/https://wordpress.org/plugins/canto/#developershttps://gist.github.com/p4nk4jv/87aebd999ce4b28063943480e95fd9e0http://packetstormsecurity.com/files/160358/WordPress-Canto-1.3.0-Server-Side-Request-Forgery.html
