{"id":3198,"date":"2024-03-13T17:45:32","date_gmt":"2024-03-13T17:45:32","guid":{"rendered":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-beaver-builder-addons-by-wpzoom-1-3-4\/"},"modified":"2024-03-13T17:45:32","modified_gmt":"2024-03-13T17:45:32","slug":"vulnerabilidad-de-cross-site-scripting-en-beaver-builder-addons-by-wpzoom-1-3-4","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-beaver-builder-addons-by-wpzoom-1-3-4\/","title":{"rendered":"Vulnerabilidad de Cross-Site Scripting en Beaver Builder Addons by WPZOOM <= 1.3.4"},"content":{"rendered":"
El plugin Beaver Builder Addons by WPZOOM para WordPress es vulnerable a Cross-Site Scripting almacenado a trav\u00e9s del widget de encabezado en todas las versiones hasta, e incluyendo, 1.3.4 debido a una sanitizaci\u00f3n insuficiente de la entrada y escape de la salida. Esto permite a atacantes autenticados, con acceso de nivel contribuidor y superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada.<\/div>\n

<\/p>\n

La vulnerabilidad CVE-2024-2183 en Beaver Builder Addons by WPZOOM <= 1.3.4 permite a usuarios malintencionados con ciertos niveles de acceso insertar c\u00f3digo JavaScript malicioso en las p\u00e1ginas web creadas con el plugin. Para mitigar este riesgo, se recomienda a los usuarios actualizar el plugin a la \u00faltima versi\u00f3n disponible de inmediato. Adem\u00e1s, es importante educar a todos los usuarios con acceso al panel de administraci\u00f3n sobre los riesgos de seguridad asociados con la ejecuci\u00f3n de scripts web no autorizados.<\/div>\n
La seguridad de un sitio web WordPress es crucial para proteger la informaci\u00f3n y la privacidad de los usuarios. Mantener todos los plugins y temas actualizados, as\u00ed como implementar buenas pr\u00e1cticas de seguridad, como la limitaci\u00f3n de los privilegios de los usuarios, son pasos fundamentales para mitigar las vulnerabilidades de seguridad, como en el caso de la vulnerabilidad de Cross-Site Scripting en Beaver Builder Addons by WPZOOM.<\/div>\n","protected":false},"excerpt":{"rendered":"

El plugin Beaver Builder Addons by WPZOOM para WordPress es vulnerable a Cross-Site Scripting almacenado a trav\u00e9s del widget de encabezado en todas las versiones hasta, e incluyendo, 1.3.4 debido a una sanitizaci\u00f3n insuficiente de la entrada y escape de la salida. Esto permite a atacantes autenticados, con acceso de nivel contribuidor y superior, inyectar […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[911],"class_list":["post-3198","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-cve-2024-2183"],"yoast_head":"\nVulnerabilidad de Cross-Site Scripting en Beaver Builder Addons by WPZOOM <= 1.3.4 - SeguridadWordPress.es<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-beaver-builder-addons-by-wpzoom-1-3-4\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Vulnerabilidad de Cross-Site Scripting en Beaver Builder Addons by WPZOOM <= 1.3.4 - SeguridadWordPress.es\" \/>\n<meta property=\"og:description\" content=\"El plugin Beaver Builder Addons by WPZOOM para WordPress es vulnerable a Cross-Site Scripting almacenado a trav\u00e9s del widget de encabezado en todas las versiones hasta, e incluyendo, 1.3.4 debido a una sanitizaci\u00f3n insuficiente de la entrada y escape de la salida. Esto permite a atacantes autenticados, con acceso de nivel contribuidor y superior, inyectar […]\" \/>\n<meta property=\"og:url\" content=\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-beaver-builder-addons-by-wpzoom-1-3-4\/\" \/>\n<meta property=\"og:site_name\" content=\"SeguridadWordPress.es\" \/>\n<meta property=\"article:published_time\" content=\"2024-03-13T17:45:32+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-beaver-builder-addons-by-wpzoom-1-3-4\/\",\"url\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-beaver-builder-addons-by-wpzoom-1-3-4\/\",\"name\":\"Vulnerabilidad de Cross-Site Scripting en Beaver Builder Addons by WPZOOM <= 1.3.4 - SeguridadWordPress.es\",\"isPartOf\":{\"@id\":\"http:\/\/127.0.0.1\/#website\"},\"datePublished\":\"2024-03-13T17:45:32+00:00\",\"dateModified\":\"2024-03-13T17:45:32+00:00\",\"author\":{\"@id\":\"\"},\"breadcrumb\":{\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-beaver-builder-addons-by-wpzoom-1-3-4\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-beaver-builder-addons-by-wpzoom-1-3-4\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-beaver-builder-addons-by-wpzoom-1-3-4\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/127.0.0.1\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Vulnerabilidad de Cross-Site Scripting en Beaver Builder Addons by WPZOOM <= 1.3.4\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/127.0.0.1\/#website\",\"url\":\"http:\/\/127.0.0.1\/\",\"name\":\"SeguridadWordPress.es\",\"description\":\"Recopilaci\u00f3n de vulnerabilidades WordPress.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/127.0.0.1\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Vulnerabilidad de Cross-Site Scripting en Beaver Builder Addons by WPZOOM <= 1.3.4 - SeguridadWordPress.es","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-beaver-builder-addons-by-wpzoom-1-3-4\/","og_locale":"en_US","og_type":"article","og_title":"Vulnerabilidad de Cross-Site Scripting en Beaver Builder Addons by WPZOOM <= 1.3.4 - SeguridadWordPress.es","og_description":"El plugin Beaver Builder Addons by WPZOOM para WordPress es vulnerable a Cross-Site Scripting almacenado a trav\u00e9s del widget de encabezado en todas las versiones hasta, e incluyendo, 1.3.4 debido a una sanitizaci\u00f3n insuficiente de la entrada y escape de la salida. Esto permite a atacantes autenticados, con acceso de nivel contribuidor y superior, inyectar […]","og_url":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-beaver-builder-addons-by-wpzoom-1-3-4\/","og_site_name":"SeguridadWordPress.es","article_published_time":"2024-03-13T17:45:32+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-beaver-builder-addons-by-wpzoom-1-3-4\/","url":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-beaver-builder-addons-by-wpzoom-1-3-4\/","name":"Vulnerabilidad de Cross-Site Scripting en Beaver Builder Addons by WPZOOM <= 1.3.4 - SeguridadWordPress.es","isPartOf":{"@id":"http:\/\/127.0.0.1\/#website"},"datePublished":"2024-03-13T17:45:32+00:00","dateModified":"2024-03-13T17:45:32+00:00","author":{"@id":""},"breadcrumb":{"@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-beaver-builder-addons-by-wpzoom-1-3-4\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-beaver-builder-addons-by-wpzoom-1-3-4\/"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-beaver-builder-addons-by-wpzoom-1-3-4\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/127.0.0.1\/"},{"@type":"ListItem","position":2,"name":"Vulnerabilidad de Cross-Site Scripting en Beaver Builder Addons by WPZOOM <= 1.3.4"}]},{"@type":"WebSite","@id":"http:\/\/127.0.0.1\/#website","url":"http:\/\/127.0.0.1\/","name":"SeguridadWordPress.es","description":"Recopilaci\u00f3n de vulnerabilidades WordPress.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/127.0.0.1\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"amp_enabled":true,"_links":{"self":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/3198"}],"collection":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/comments?post=3198"}],"version-history":[{"count":0,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/3198\/revisions"}],"wp:attachment":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/media?parent=3198"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/categories?post=3198"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/tags?post=3198"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}