{"id":2942,"date":"2024-02-20T19:45:31","date_gmt":"2024-02-20T19:45:31","guid":{"rendered":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-wpdatatables-de-wordpress\/"},"modified":"2024-02-20T19:45:31","modified_gmt":"2024-02-20T19:45:31","slug":"vulnerabilidad-de-cross-site-scripting-en-el-plugin-wpdatatables-de-wordpress","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-wpdatatables-de-wordpress\/","title":{"rendered":"Vulnerabilidad de Cross-Site Scripting en el Plugin wpDataTables de WordPress"},"content":{"rendered":"<div>La vulnerabilidad CVE-2024-0591, que afecta al plugin wpDataTables de WordPress en versiones hasta la 3.4.2.2, permite a atacantes no autenticados realizar ataques de Cross-Site Scripting (XSS) si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace.<\/div>\n<p><\/p>\n<div>La vulnerabilidad de Cross-Site Scripting en el plugin wpDataTables se debe a una falta de saneamiento de entrada y escape de salida en el par\u00e1metro &#8216;A&#8217;. Esto significa que los atacantes pueden insertar scripts web arbitrarios en p\u00e1ginas y estos se ejecutar\u00e1n al ser visualizados por un usuario. Para mitigar este riesgo, se recomienda a los usuarios actualizar a la \u00faltima versi\u00f3n del plugin, en este caso, la 3.4.2.3, que corrige esta vulnerabilidad. Adem\u00e1s, se aconseja ser cuidadosos al hacer clic en enlaces de sitios web desconocidos para evitar caer en posibles ataques de phishing.<\/div>\n<div>Es fundamental mantener los plugins de WordPress actualizados y ser conscientes de los riesgos de seguridad en la web. Al tomar medidas como actualizar regularmente los plugins y ser precavidos al interactuar con contenido en l\u00ednea, los usuarios pueden protegerse mejor contra posibles ataques de Cross-Site Scripting y otras amenazas en la red.<\/div>\n","protected":false},"excerpt":{"rendered":"<p>La vulnerabilidad CVE-2024-0591, que afecta al plugin wpDataTables de WordPress en versiones hasta la 3.4.2.2, permite a atacantes no autenticados realizar ataques de Cross-Site Scripting (XSS) si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace. La vulnerabilidad de Cross-Site Scripting en el plugin wpDataTables se debe a [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[655],"class_list":["post-2942","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-cve-2024-0591"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v21.8 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Vulnerabilidad de Cross-Site Scripting en el Plugin wpDataTables de WordPress - SeguridadWordPress.es<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-wpdatatables-de-wordpress\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Vulnerabilidad de Cross-Site Scripting en el Plugin wpDataTables de WordPress - SeguridadWordPress.es\" \/>\n<meta property=\"og:description\" content=\"La vulnerabilidad CVE-2024-0591, que afecta al plugin wpDataTables de WordPress en versiones hasta la 3.4.2.2, permite a atacantes no autenticados realizar ataques de Cross-Site Scripting (XSS) si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace. La vulnerabilidad de Cross-Site Scripting en el plugin wpDataTables se debe a [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-wpdatatables-de-wordpress\/\" \/>\n<meta property=\"og:site_name\" content=\"SeguridadWordPress.es\" \/>\n<meta property=\"article:published_time\" content=\"2024-02-20T19:45:31+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-wpdatatables-de-wordpress\/\",\"url\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-wpdatatables-de-wordpress\/\",\"name\":\"Vulnerabilidad de Cross-Site Scripting en el Plugin wpDataTables de WordPress - SeguridadWordPress.es\",\"isPartOf\":{\"@id\":\"http:\/\/127.0.0.1\/#website\"},\"datePublished\":\"2024-02-20T19:45:31+00:00\",\"dateModified\":\"2024-02-20T19:45:31+00:00\",\"author\":{\"@id\":\"\"},\"breadcrumb\":{\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-wpdatatables-de-wordpress\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-wpdatatables-de-wordpress\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-wpdatatables-de-wordpress\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/127.0.0.1\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Vulnerabilidad de Cross-Site Scripting en el Plugin wpDataTables de WordPress\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/127.0.0.1\/#website\",\"url\":\"http:\/\/127.0.0.1\/\",\"name\":\"SeguridadWordPress.es\",\"description\":\"Recopilaci\u00f3n de vulnerabilidades WordPress.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/127.0.0.1\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Vulnerabilidad de Cross-Site Scripting en el Plugin wpDataTables de WordPress - SeguridadWordPress.es","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-wpdatatables-de-wordpress\/","og_locale":"en_US","og_type":"article","og_title":"Vulnerabilidad de Cross-Site Scripting en el Plugin wpDataTables de WordPress - SeguridadWordPress.es","og_description":"La vulnerabilidad CVE-2024-0591, que afecta al plugin wpDataTables de WordPress en versiones hasta la 3.4.2.2, permite a atacantes no autenticados realizar ataques de Cross-Site Scripting (XSS) si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace. La vulnerabilidad de Cross-Site Scripting en el plugin wpDataTables se debe a [&hellip;]","og_url":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-wpdatatables-de-wordpress\/","og_site_name":"SeguridadWordPress.es","article_published_time":"2024-02-20T19:45:31+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-wpdatatables-de-wordpress\/","url":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-wpdatatables-de-wordpress\/","name":"Vulnerabilidad de Cross-Site Scripting en el Plugin wpDataTables de WordPress - SeguridadWordPress.es","isPartOf":{"@id":"http:\/\/127.0.0.1\/#website"},"datePublished":"2024-02-20T19:45:31+00:00","dateModified":"2024-02-20T19:45:31+00:00","author":{"@id":""},"breadcrumb":{"@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-wpdatatables-de-wordpress\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-wpdatatables-de-wordpress\/"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-wpdatatables-de-wordpress\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/127.0.0.1\/"},{"@type":"ListItem","position":2,"name":"Vulnerabilidad de Cross-Site Scripting en el Plugin wpDataTables de WordPress"}]},{"@type":"WebSite","@id":"http:\/\/127.0.0.1\/#website","url":"http:\/\/127.0.0.1\/","name":"SeguridadWordPress.es","description":"Recopilaci\u00f3n de vulnerabilidades WordPress.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/127.0.0.1\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"amp_enabled":true,"_links":{"self":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/2942"}],"collection":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/comments?post=2942"}],"version-history":[{"count":0,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/2942\/revisions"}],"wp:attachment":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/media?parent=2942"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/categories?post=2942"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/tags?post=2942"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}