{"id":3257,"date":"2024-03-19T19:46:06","date_gmt":"2024-03-19T19:46:06","guid":{"rendered":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-website-article-monetization-by-magenet-1-0-11\/"},"modified":"2024-03-19T19:46:06","modified_gmt":"2024-03-19T19:46:06","slug":"vulnerabilidad-de-cross-site-scripting-en-el-plugin-website-article-monetization-by-magenet-1-0-11","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-website-article-monetization-by-magenet-1-0-11\/","title":{"rendered":"Vulnerabilidad de Cross-Site Scripting en el Plugin Website Article Monetization By MageNet <= 1.0.11"},"content":{"rendered":"
La vulnerabilidad CVE-2024-1379 afecta al plugin Website Article Monetization By MageNet para WordPress, permitiendo a atacantes no autenticados ejecutar scripts maliciosos en las p\u00e1ginas del sitio web.<\/div>\n

<\/p>\n

La vulnerabilidad de Cross-Site Scripting (XSS) se produce debido a una insuficiente sanitizaci\u00f3n de la entrada y escape de salida, junto con una falta de comprobaci\u00f3n de autorizaci\u00f3n en la versi\u00f3n 1.0.11 y anteriores del plugin. Esto significa que un atacante no autenticado podr\u00eda insertar scripts web arbitrarios en las p\u00e1ginas del sitio que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina infectada. Para mitigar este riesgo, se recomienda a los usuarios actualizar el plugin a la \u00faltima versi\u00f3n disponible y mantenerse al tanto de las actualizaciones de seguridad.<\/div>\n
Es fundamental para los propietarios de sitios web de WordPress tomar medidas proactivas para proteger sus sitios de vulnerabilidades conocidas, como la descrita anteriormente en el plugin Website Article Monetization By MageNet. Mantener los plugins actualizados y realizar auditor\u00edas de seguridad peri\u00f3dicas puede ayudar a prevenir la explotaci\u00f3n de estas vulnerabilidades y proteger la integridad de los sitios web.<\/div>\n","protected":false},"excerpt":{"rendered":"

La vulnerabilidad CVE-2024-1379 afecta al plugin Website Article Monetization By MageNet para WordPress, permitiendo a atacantes no autenticados ejecutar scripts maliciosos en las p\u00e1ginas del sitio web. La vulnerabilidad de Cross-Site Scripting (XSS) se produce debido a una insuficiente sanitizaci\u00f3n de la entrada y escape de salida, junto con una falta de comprobaci\u00f3n de autorizaci\u00f3n […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[969],"class_list":["post-3257","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-cve-2024-1379"],"yoast_head":"\nVulnerabilidad de Cross-Site Scripting en el Plugin Website Article Monetization By MageNet <= 1.0.11 - SeguridadWordPress.es<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-website-article-monetization-by-magenet-1-0-11\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Vulnerabilidad de Cross-Site Scripting en el Plugin Website Article Monetization By MageNet <= 1.0.11 - SeguridadWordPress.es\" \/>\n<meta property=\"og:description\" content=\"La vulnerabilidad CVE-2024-1379 afecta al plugin Website Article Monetization By MageNet para WordPress, permitiendo a atacantes no autenticados ejecutar scripts maliciosos en las p\u00e1ginas del sitio web. La vulnerabilidad de Cross-Site Scripting (XSS) se produce debido a una insuficiente sanitizaci\u00f3n de la entrada y escape de salida, junto con una falta de comprobaci\u00f3n de autorizaci\u00f3n […]\" \/>\n<meta property=\"og:url\" content=\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-website-article-monetization-by-magenet-1-0-11\/\" \/>\n<meta property=\"og:site_name\" content=\"SeguridadWordPress.es\" \/>\n<meta property=\"article:published_time\" content=\"2024-03-19T19:46:06+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-website-article-monetization-by-magenet-1-0-11\/\",\"url\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-website-article-monetization-by-magenet-1-0-11\/\",\"name\":\"Vulnerabilidad de Cross-Site Scripting en el Plugin Website Article Monetization By MageNet <= 1.0.11 - SeguridadWordPress.es\",\"isPartOf\":{\"@id\":\"http:\/\/127.0.0.1\/#website\"},\"datePublished\":\"2024-03-19T19:46:06+00:00\",\"dateModified\":\"2024-03-19T19:46:06+00:00\",\"author\":{\"@id\":\"\"},\"breadcrumb\":{\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-website-article-monetization-by-magenet-1-0-11\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-website-article-monetization-by-magenet-1-0-11\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-website-article-monetization-by-magenet-1-0-11\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/127.0.0.1\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Vulnerabilidad de Cross-Site Scripting en el Plugin Website Article Monetization By MageNet <= 1.0.11\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/127.0.0.1\/#website\",\"url\":\"http:\/\/127.0.0.1\/\",\"name\":\"SeguridadWordPress.es\",\"description\":\"Recopilaci\u00f3n de vulnerabilidades WordPress.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/127.0.0.1\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Vulnerabilidad de Cross-Site Scripting en el Plugin Website Article Monetization By MageNet <= 1.0.11 - SeguridadWordPress.es","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-website-article-monetization-by-magenet-1-0-11\/","og_locale":"en_US","og_type":"article","og_title":"Vulnerabilidad de Cross-Site Scripting en el Plugin Website Article Monetization By MageNet <= 1.0.11 - SeguridadWordPress.es","og_description":"La vulnerabilidad CVE-2024-1379 afecta al plugin Website Article Monetization By MageNet para WordPress, permitiendo a atacantes no autenticados ejecutar scripts maliciosos en las p\u00e1ginas del sitio web. La vulnerabilidad de Cross-Site Scripting (XSS) se produce debido a una insuficiente sanitizaci\u00f3n de la entrada y escape de salida, junto con una falta de comprobaci\u00f3n de autorizaci\u00f3n […]","og_url":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-website-article-monetization-by-magenet-1-0-11\/","og_site_name":"SeguridadWordPress.es","article_published_time":"2024-03-19T19:46:06+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-website-article-monetization-by-magenet-1-0-11\/","url":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-website-article-monetization-by-magenet-1-0-11\/","name":"Vulnerabilidad de Cross-Site Scripting en el Plugin Website Article Monetization By MageNet <= 1.0.11 - SeguridadWordPress.es","isPartOf":{"@id":"http:\/\/127.0.0.1\/#website"},"datePublished":"2024-03-19T19:46:06+00:00","dateModified":"2024-03-19T19:46:06+00:00","author":{"@id":""},"breadcrumb":{"@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-website-article-monetization-by-magenet-1-0-11\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-website-article-monetization-by-magenet-1-0-11\/"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-website-article-monetization-by-magenet-1-0-11\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/127.0.0.1\/"},{"@type":"ListItem","position":2,"name":"Vulnerabilidad de Cross-Site Scripting en el Plugin Website Article Monetization By MageNet <= 1.0.11"}]},{"@type":"WebSite","@id":"http:\/\/127.0.0.1\/#website","url":"http:\/\/127.0.0.1\/","name":"SeguridadWordPress.es","description":"Recopilaci\u00f3n de vulnerabilidades WordPress.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/127.0.0.1\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"amp_enabled":true,"_links":{"self":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/3257"}],"collection":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/comments?post=3257"}],"version-history":[{"count":0,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/3257\/revisions"}],"wp:attachment":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/media?parent=3257"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/categories?post=3257"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/tags?post=3257"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}