{"id":3251,"date":"2024-03-19T19:45:17","date_gmt":"2024-03-19T19:45:17","guid":{"rendered":"http:\/\/127.0.0.1\/vulnerabilidad-en-plugin-coming-soon-under-construction-maintenance-mode-by-dazzler-2-1-2-bypass-de-modo-de-mantenimiento\/"},"modified":"2024-03-19T19:45:17","modified_gmt":"2024-03-19T19:45:17","slug":"vulnerabilidad-en-plugin-coming-soon-under-construction-maintenance-mode-by-dazzler-2-1-2-bypass-de-modo-de-mantenimiento","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/vulnerabilidad-en-plugin-coming-soon-under-construction-maintenance-mode-by-dazzler-2-1-2-bypass-de-modo-de-mantenimiento\/","title":{"rendered":"Vulnerabilidad en plugin Coming Soon, Under Construction &amp; Maintenance Mode By Dazzler &lt;= 2.1.2 &#8211; Bypass de Modo de Mantenimiento"},"content":{"rendered":"<div>El plugin Coming Soon, Under Construction &amp; Maintenance Mode By Dazzler para WordPress es vulnerable a un bypass de modo de mantenimiento en todas las versiones hasta, e incluyendo, la 2.1.2. Esto se debe a que el plugin se basa en REQUEST_URI para determinar si la p\u00e1gina que se est\u00e1 accediendo es un \u00e1rea de administraci\u00f3n. Esto hace posible que atacantes no autenticados eviten el modo de mantenimiento y accedan al sitio, que puede considerarse confidencial cuando est\u00e1 en modo de mantenimiento.<\/div>\n<p><\/p>\n<div>Los usuarios afectados por esta vulnerabilidad deben tomar medidas inmediatas para proteger sus sitios web. Una soluci\u00f3n temporal es desactivar el plugin Coming Soon, Under Construction &amp; Maintenance Mode By Dazzler hasta que se lance una actualizaci\u00f3n que corrija esta vulnerabilidad. Los desarrolladores del plugin tambi\u00e9n deben trabajar en una soluci\u00f3n permanente que no dependa \u00fanicamente de REQUEST_URI para determinar la autenticaci\u00f3n en el modo de mantenimiento. Se recomienda a los usuarios que vigilen de cerca las actualizaciones del plugin y se aseguren de instalarlas tan pronto como est\u00e9n disponibles.<\/div>\n<div>Es crucial abordar esta vulnerabilidad de seguridad lo antes posible para evitar posibles accesos no autorizados a sitios web sensibles. Al tomar medidas para proteger activamente sus sitios y mantenerse al tanto de las actualizaciones del plugin, los usuarios pueden reducir significativamente el riesgo de explotaci\u00f3n de esta vulnerabilidad.<\/div>\n","protected":false},"excerpt":{"rendered":"<p>El plugin Coming Soon, Under Construction &amp; Maintenance Mode By Dazzler para WordPress es vulnerable a un bypass de modo de mantenimiento en todas las versiones hasta, e incluyendo, la 2.1.2. Esto se debe a que el plugin se basa en REQUEST_URI para determinar si la p\u00e1gina que se est\u00e1 accediendo es un \u00e1rea de [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[963],"class_list":["post-3251","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-cve-2024-1181"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v21.8 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Vulnerabilidad en plugin Coming Soon, Under Construction &amp; Maintenance Mode By Dazzler &lt;= 2.1.2 - Bypass de Modo de Mantenimiento - SeguridadWordPress.es<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/127.0.0.1\/vulnerabilidad-en-plugin-coming-soon-under-construction-maintenance-mode-by-dazzler-2-1-2-bypass-de-modo-de-mantenimiento\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Vulnerabilidad en plugin Coming Soon, Under Construction &amp; Maintenance Mode By Dazzler &lt;= 2.1.2 - Bypass de Modo de Mantenimiento - SeguridadWordPress.es\" \/>\n<meta property=\"og:description\" content=\"El plugin Coming Soon, Under Construction &amp; Maintenance Mode By Dazzler para WordPress es vulnerable a un bypass de modo de mantenimiento en todas las versiones hasta, e incluyendo, la 2.1.2. Esto se debe a que el plugin se basa en REQUEST_URI para determinar si la p\u00e1gina que se est\u00e1 accediendo es un \u00e1rea de [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"http:\/\/127.0.0.1\/vulnerabilidad-en-plugin-coming-soon-under-construction-maintenance-mode-by-dazzler-2-1-2-bypass-de-modo-de-mantenimiento\/\" \/>\n<meta property=\"og:site_name\" content=\"SeguridadWordPress.es\" \/>\n<meta property=\"article:published_time\" content=\"2024-03-19T19:45:17+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-en-plugin-coming-soon-under-construction-maintenance-mode-by-dazzler-2-1-2-bypass-de-modo-de-mantenimiento\/\",\"url\":\"http:\/\/127.0.0.1\/vulnerabilidad-en-plugin-coming-soon-under-construction-maintenance-mode-by-dazzler-2-1-2-bypass-de-modo-de-mantenimiento\/\",\"name\":\"Vulnerabilidad en plugin Coming Soon, Under Construction &amp; Maintenance Mode By Dazzler &lt;= 2.1.2 - Bypass de Modo de Mantenimiento - SeguridadWordPress.es\",\"isPartOf\":{\"@id\":\"http:\/\/127.0.0.1\/#website\"},\"datePublished\":\"2024-03-19T19:45:17+00:00\",\"dateModified\":\"2024-03-19T19:45:17+00:00\",\"author\":{\"@id\":\"\"},\"breadcrumb\":{\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-en-plugin-coming-soon-under-construction-maintenance-mode-by-dazzler-2-1-2-bypass-de-modo-de-mantenimiento\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/127.0.0.1\/vulnerabilidad-en-plugin-coming-soon-under-construction-maintenance-mode-by-dazzler-2-1-2-bypass-de-modo-de-mantenimiento\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-en-plugin-coming-soon-under-construction-maintenance-mode-by-dazzler-2-1-2-bypass-de-modo-de-mantenimiento\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/127.0.0.1\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Vulnerabilidad en plugin Coming Soon, Under Construction &amp; Maintenance Mode By Dazzler &lt;= 2.1.2 &#8211; Bypass de Modo de Mantenimiento\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/127.0.0.1\/#website\",\"url\":\"http:\/\/127.0.0.1\/\",\"name\":\"SeguridadWordPress.es\",\"description\":\"Recopilaci\u00f3n de vulnerabilidades WordPress.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/127.0.0.1\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Vulnerabilidad en plugin Coming Soon, Under Construction &amp; Maintenance Mode By Dazzler &lt;= 2.1.2 - Bypass de Modo de Mantenimiento - SeguridadWordPress.es","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/127.0.0.1\/vulnerabilidad-en-plugin-coming-soon-under-construction-maintenance-mode-by-dazzler-2-1-2-bypass-de-modo-de-mantenimiento\/","og_locale":"en_US","og_type":"article","og_title":"Vulnerabilidad en plugin Coming Soon, Under Construction &amp; Maintenance Mode By Dazzler &lt;= 2.1.2 - Bypass de Modo de Mantenimiento - SeguridadWordPress.es","og_description":"El plugin Coming Soon, Under Construction &amp; Maintenance Mode By Dazzler para WordPress es vulnerable a un bypass de modo de mantenimiento en todas las versiones hasta, e incluyendo, la 2.1.2. Esto se debe a que el plugin se basa en REQUEST_URI para determinar si la p\u00e1gina que se est\u00e1 accediendo es un \u00e1rea de [&hellip;]","og_url":"http:\/\/127.0.0.1\/vulnerabilidad-en-plugin-coming-soon-under-construction-maintenance-mode-by-dazzler-2-1-2-bypass-de-modo-de-mantenimiento\/","og_site_name":"SeguridadWordPress.es","article_published_time":"2024-03-19T19:45:17+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"http:\/\/127.0.0.1\/vulnerabilidad-en-plugin-coming-soon-under-construction-maintenance-mode-by-dazzler-2-1-2-bypass-de-modo-de-mantenimiento\/","url":"http:\/\/127.0.0.1\/vulnerabilidad-en-plugin-coming-soon-under-construction-maintenance-mode-by-dazzler-2-1-2-bypass-de-modo-de-mantenimiento\/","name":"Vulnerabilidad en plugin Coming Soon, Under Construction &amp; Maintenance Mode By Dazzler &lt;= 2.1.2 - Bypass de Modo de Mantenimiento - SeguridadWordPress.es","isPartOf":{"@id":"http:\/\/127.0.0.1\/#website"},"datePublished":"2024-03-19T19:45:17+00:00","dateModified":"2024-03-19T19:45:17+00:00","author":{"@id":""},"breadcrumb":{"@id":"http:\/\/127.0.0.1\/vulnerabilidad-en-plugin-coming-soon-under-construction-maintenance-mode-by-dazzler-2-1-2-bypass-de-modo-de-mantenimiento\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/127.0.0.1\/vulnerabilidad-en-plugin-coming-soon-under-construction-maintenance-mode-by-dazzler-2-1-2-bypass-de-modo-de-mantenimiento\/"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/127.0.0.1\/vulnerabilidad-en-plugin-coming-soon-under-construction-maintenance-mode-by-dazzler-2-1-2-bypass-de-modo-de-mantenimiento\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/127.0.0.1\/"},{"@type":"ListItem","position":2,"name":"Vulnerabilidad en plugin Coming Soon, Under Construction &amp; Maintenance Mode By Dazzler &lt;= 2.1.2 &#8211; Bypass de Modo de Mantenimiento"}]},{"@type":"WebSite","@id":"http:\/\/127.0.0.1\/#website","url":"http:\/\/127.0.0.1\/","name":"SeguridadWordPress.es","description":"Recopilaci\u00f3n de vulnerabilidades WordPress.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/127.0.0.1\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"amp_enabled":true,"_links":{"self":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/3251"}],"collection":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/comments?post=3251"}],"version-history":[{"count":0,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/3251\/revisions"}],"wp:attachment":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/media?parent=3251"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/categories?post=3251"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/tags?post=3251"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}