{"id":3386,"date":"2024-03-29T18:45:29","date_gmt":"2024-03-29T18:45:29","guid":{"rendered":"http:\/\/127.0.0.1\/ultimate-addons-for-beaver-builder-lite-1-5-7-cross-site-scripting-a-traves-del-widget-separador-de-imagenes\/"},"modified":"2024-03-29T18:45:29","modified_gmt":"2024-03-29T18:45:29","slug":"ultimate-addons-for-beaver-builder-lite-1-5-7-cross-site-scripting-a-traves-del-widget-separador-de-imagenes","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/ultimate-addons-for-beaver-builder-lite-1-5-7-cross-site-scripting-a-traves-del-widget-separador-de-imagenes\/","title":{"rendered":"Ultimate Addons for Beaver Builder \u2013 Lite <= 1.5.7 – Cross-Site Scripting a trav\u00e9s del Widget Separador de Im\u00e1genes"},"content":{"rendered":"
El plugin Ultimate Addons for Beaver Builder \u2013 Lite para WordPress es vulnerable a Cross-Site Scripting almacenado a trav\u00e9s del widget Separador de Im\u00e1genes en todas las versiones hasta, e incluyendo, la 1.5.7 debido a una insuficiente sanitizaci\u00f3n de entradas y escape de salida. Esto permite a atacantes autenticados, con acceso de nivel de colaborador y superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada.<\/div>\n

<\/p>\n

Una forma de mitigar este problema es actualizar el plugin a la \u00faltima versi\u00f3n disponible, en este caso a la versi\u00f3n 1.5.8 o posterior, ya que el desarrollador suele parchear las vulnerabilidades en nuevas versiones. Adem\u00e1s, se recomienda a los usuarios tener cuidado al instalar plugins de terceros y asegurarse de que provienen de fuentes confiables y est\u00e1n actualizados regularmente para reducir el riesgo de exposici\u00f3n a ataques de este tipo.<\/div>\n
Es fundamental mantener todos los plugins y temas de WordPress actualizados para protegerse contra posibles vulnerabilidades de seguridad, como en el caso de Ultimate Addons for Beaver Builder \u2013 Lite. La seguridad en WordPress debe ser una prioridad para garantizar la integridad de los sitios web y la protecci\u00f3n de la informaci\u00f3n de los usuarios.<\/div>\n","protected":false},"excerpt":{"rendered":"

El plugin Ultimate Addons for Beaver Builder \u2013 Lite para WordPress es vulnerable a Cross-Site Scripting almacenado a trav\u00e9s del widget Separador de Im\u00e1genes en todas las versiones hasta, e incluyendo, la 1.5.7 debido a una insuficiente sanitizaci\u00f3n de entradas y escape de salida. Esto permite a atacantes autenticados, con acceso de nivel de colaborador […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[1097],"class_list":["post-3386","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-cve-2024-2144"],"yoast_head":"\nUltimate Addons for Beaver Builder \u2013 Lite <= 1.5.7 - Cross-Site Scripting a trav\u00e9s del Widget Separador de Im\u00e1genes - SeguridadWordPress.es<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/127.0.0.1\/ultimate-addons-for-beaver-builder-lite-1-5-7-cross-site-scripting-a-traves-del-widget-separador-de-imagenes\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Ultimate Addons for Beaver Builder \u2013 Lite <= 1.5.7 - Cross-Site Scripting a trav\u00e9s del Widget Separador de Im\u00e1genes - SeguridadWordPress.es\" \/>\n<meta property=\"og:description\" content=\"El plugin Ultimate Addons for Beaver Builder \u2013 Lite para WordPress es vulnerable a Cross-Site Scripting almacenado a trav\u00e9s del widget Separador de Im\u00e1genes en todas las versiones hasta, e incluyendo, la 1.5.7 debido a una insuficiente sanitizaci\u00f3n de entradas y escape de salida. Esto permite a atacantes autenticados, con acceso de nivel de colaborador […]\" \/>\n<meta property=\"og:url\" content=\"http:\/\/127.0.0.1\/ultimate-addons-for-beaver-builder-lite-1-5-7-cross-site-scripting-a-traves-del-widget-separador-de-imagenes\/\" \/>\n<meta property=\"og:site_name\" content=\"SeguridadWordPress.es\" \/>\n<meta property=\"article:published_time\" content=\"2024-03-29T18:45:29+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"http:\/\/127.0.0.1\/ultimate-addons-for-beaver-builder-lite-1-5-7-cross-site-scripting-a-traves-del-widget-separador-de-imagenes\/\",\"url\":\"http:\/\/127.0.0.1\/ultimate-addons-for-beaver-builder-lite-1-5-7-cross-site-scripting-a-traves-del-widget-separador-de-imagenes\/\",\"name\":\"Ultimate Addons for Beaver Builder \u2013 Lite <= 1.5.7 - Cross-Site Scripting a trav\u00e9s del Widget Separador de Im\u00e1genes - SeguridadWordPress.es\",\"isPartOf\":{\"@id\":\"http:\/\/127.0.0.1\/#website\"},\"datePublished\":\"2024-03-29T18:45:29+00:00\",\"dateModified\":\"2024-03-29T18:45:29+00:00\",\"author\":{\"@id\":\"\"},\"breadcrumb\":{\"@id\":\"http:\/\/127.0.0.1\/ultimate-addons-for-beaver-builder-lite-1-5-7-cross-site-scripting-a-traves-del-widget-separador-de-imagenes\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/127.0.0.1\/ultimate-addons-for-beaver-builder-lite-1-5-7-cross-site-scripting-a-traves-del-widget-separador-de-imagenes\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/127.0.0.1\/ultimate-addons-for-beaver-builder-lite-1-5-7-cross-site-scripting-a-traves-del-widget-separador-de-imagenes\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/127.0.0.1\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Ultimate Addons for Beaver Builder \u2013 Lite <= 1.5.7 – Cross-Site Scripting a trav\u00e9s del Widget Separador de Im\u00e1genes\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/127.0.0.1\/#website\",\"url\":\"http:\/\/127.0.0.1\/\",\"name\":\"SeguridadWordPress.es\",\"description\":\"Recopilaci\u00f3n de vulnerabilidades WordPress.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/127.0.0.1\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Ultimate Addons for Beaver Builder \u2013 Lite <= 1.5.7 - Cross-Site Scripting a trav\u00e9s del Widget Separador de Im\u00e1genes - SeguridadWordPress.es","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/127.0.0.1\/ultimate-addons-for-beaver-builder-lite-1-5-7-cross-site-scripting-a-traves-del-widget-separador-de-imagenes\/","og_locale":"en_US","og_type":"article","og_title":"Ultimate Addons for Beaver Builder \u2013 Lite <= 1.5.7 - Cross-Site Scripting a trav\u00e9s del Widget Separador de Im\u00e1genes - SeguridadWordPress.es","og_description":"El plugin Ultimate Addons for Beaver Builder \u2013 Lite para WordPress es vulnerable a Cross-Site Scripting almacenado a trav\u00e9s del widget Separador de Im\u00e1genes en todas las versiones hasta, e incluyendo, la 1.5.7 debido a una insuficiente sanitizaci\u00f3n de entradas y escape de salida. Esto permite a atacantes autenticados, con acceso de nivel de colaborador […]","og_url":"http:\/\/127.0.0.1\/ultimate-addons-for-beaver-builder-lite-1-5-7-cross-site-scripting-a-traves-del-widget-separador-de-imagenes\/","og_site_name":"SeguridadWordPress.es","article_published_time":"2024-03-29T18:45:29+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"http:\/\/127.0.0.1\/ultimate-addons-for-beaver-builder-lite-1-5-7-cross-site-scripting-a-traves-del-widget-separador-de-imagenes\/","url":"http:\/\/127.0.0.1\/ultimate-addons-for-beaver-builder-lite-1-5-7-cross-site-scripting-a-traves-del-widget-separador-de-imagenes\/","name":"Ultimate Addons for Beaver Builder \u2013 Lite <= 1.5.7 - Cross-Site Scripting a trav\u00e9s del Widget Separador de Im\u00e1genes - SeguridadWordPress.es","isPartOf":{"@id":"http:\/\/127.0.0.1\/#website"},"datePublished":"2024-03-29T18:45:29+00:00","dateModified":"2024-03-29T18:45:29+00:00","author":{"@id":""},"breadcrumb":{"@id":"http:\/\/127.0.0.1\/ultimate-addons-for-beaver-builder-lite-1-5-7-cross-site-scripting-a-traves-del-widget-separador-de-imagenes\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/127.0.0.1\/ultimate-addons-for-beaver-builder-lite-1-5-7-cross-site-scripting-a-traves-del-widget-separador-de-imagenes\/"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/127.0.0.1\/ultimate-addons-for-beaver-builder-lite-1-5-7-cross-site-scripting-a-traves-del-widget-separador-de-imagenes\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/127.0.0.1\/"},{"@type":"ListItem","position":2,"name":"Ultimate Addons for Beaver Builder \u2013 Lite <= 1.5.7 – Cross-Site Scripting a trav\u00e9s del Widget Separador de Im\u00e1genes"}]},{"@type":"WebSite","@id":"http:\/\/127.0.0.1\/#website","url":"http:\/\/127.0.0.1\/","name":"SeguridadWordPress.es","description":"Recopilaci\u00f3n de vulnerabilidades WordPress.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/127.0.0.1\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"amp_enabled":true,"_links":{"self":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/3386"}],"collection":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/comments?post=3386"}],"version-history":[{"count":0,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/3386\/revisions"}],"wp:attachment":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/media?parent=3386"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/categories?post=3386"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/tags?post=3386"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}