{"id":3484,"date":"2024-04-09T17:45:18","date_gmt":"2024-04-09T17:45:18","guid":{"rendered":"http:\/\/127.0.0.1\/vulnerabilidad-de-server-side-request-forgery-ssrf-en-gutenberg-blocks-by-kadence-blocks-page-builder-features-3-1-26\/"},"modified":"2024-04-09T17:45:18","modified_gmt":"2024-04-09T17:45:18","slug":"vulnerabilidad-de-server-side-request-forgery-ssrf-en-gutenberg-blocks-by-kadence-blocks-page-builder-features-3-1-26","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/vulnerabilidad-de-server-side-request-forgery-ssrf-en-gutenberg-blocks-by-kadence-blocks-page-builder-features-3-1-26\/","title":{"rendered":"Server-Side Request Forgery (SSRF) Vulnerability in Gutenberg Blocks by Kadence Blocks \u2013 Page Builder Features <= 3.1.26"},"content":{"rendered":"
The Server-Side Request Forgery (SSRF) vulnerability in the Gutenberg Blocks by Kadence Blocks \u2013 Page Builder Features plugin for WordPress affects all versions up to, and including, 3.1.26 via the ‘kadence_import_get_new_connection_data’ AJAX action. This allows authenticated attackers, with contributor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.<\/div>\n

<\/p>\n

The SSRF vulnerability in the Gutenberg Blocks by Kadence Blocks \u2013 Page Builder Features <= 3.1.26 plugin poses a security risk to websites that use it. To mitigate this risk, users are advised to update the plugin to the latest available version that contains a fix for this vulnerability. Additionally, administrators are advised to limit user privileges to reduce the possibility of exploitation of this vulnerability. Performing regular security audits and actively monitoring the plugin's activity can also help detect and prevent possible attacks.<\/div>\n
It is crucial that WordPress users who use the Gutenberg Blocks by Kadence Blocks \u2013 Page Builder Features plugin check for and apply the available security updates to protect their websites against the Server-Side Request Forgery (SSRF) vulnerability. By taking proactive measures to improve the security of their sites, administrators can reduce the risk of possible data compromises and ensure the integrity of their online platforms.<\/div>\n","protected":false},"excerpt":{"rendered":"

The Server-Side Request Forgery (SSRF) vulnerability in the Gutenberg Blocks by Kadence Blocks \u2013 Page Builder Features plugin for WordPress affects all versions up to, and including, 3.1.26 via the ‘kadence_import_get_new_connection_data’ AJAX action. This allows authenticated attackers, with contributor-level access and above, to make web requests to arbitrary locations […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[1194],"class_list":["post-3484","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-cve-2023-6964"],"yoast_head":"\nVulnerabilidad de Server-Side Request Forgery (SSRF) en Gutenberg Blocks by Kadence Blocks \u2013 Page Builder Features <= 3.1.26 - SeguridadWordPress.es<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/127.0.0.1\/vulnerabilidad-de-server-side-request-forgery-ssrf-en-gutenberg-blocks-by-kadence-blocks-page-builder-features-3-1-26\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Vulnerabilidad de Server-Side Request Forgery (SSRF) en Gutenberg Blocks by Kadence Blocks \u2013 Page Builder Features <= 3.1.26 - SeguridadWordPress.es\" \/>\n<meta property=\"og:description\" content=\"La vulnerabilidad de Server-Side Request Forgery (SSRF) en el plugin Gutenberg Blocks by Kadence Blocks \u2013 Page Builder Features para WordPress afecta a todas las versiones hasta, e incluyendo, la 3.1.26 a trav\u00e9s de la acci\u00f3n AJAX ‘kadence_import_get_new_connection_data’. 
Esto permite a atacantes autenticados, con acceso de nivel colaborador y superior, realizar solicitudes web a ubicaciones […]\" \/>\n<meta property=\"og:url\" content=\"http:\/\/127.0.0.1\/vulnerabilidad-de-server-side-request-forgery-ssrf-en-gutenberg-blocks-by-kadence-blocks-page-builder-features-3-1-26\/\" \/>\n<meta property=\"og:site_name\" content=\"SeguridadWordPress.es\" \/>\n<meta property=\"article:published_time\" content=\"2024-04-09T17:45:18+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-server-side-request-forgery-ssrf-en-gutenberg-blocks-by-kadence-blocks-page-builder-features-3-1-26\/\",\"url\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-server-side-request-forgery-ssrf-en-gutenberg-blocks-by-kadence-blocks-page-builder-features-3-1-26\/\",\"name\":\"Vulnerabilidad de Server-Side Request Forgery (SSRF) en Gutenberg Blocks by Kadence Blocks \u2013 Page Builder Features <= 3.1.26 - 
SeguridadWordPress.es\",\"isPartOf\":{\"@id\":\"http:\/\/127.0.0.1\/#website\"},\"datePublished\":\"2024-04-09T17:45:18+00:00\",\"dateModified\":\"2024-04-09T17:45:18+00:00\",\"author\":{\"@id\":\"\"},\"breadcrumb\":{\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-server-side-request-forgery-ssrf-en-gutenberg-blocks-by-kadence-blocks-page-builder-features-3-1-26\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/127.0.0.1\/vulnerabilidad-de-server-side-request-forgery-ssrf-en-gutenberg-blocks-by-kadence-blocks-page-builder-features-3-1-26\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-server-side-request-forgery-ssrf-en-gutenberg-blocks-by-kadence-blocks-page-builder-features-3-1-26\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/127.0.0.1\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Vulnerabilidad de Server-Side Request Forgery (SSRF) en Gutenberg Blocks by Kadence Blocks \u2013 Page Builder Features <= 3.1.26\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/127.0.0.1\/#website\",\"url\":\"http:\/\/127.0.0.1\/\",\"name\":\"SeguridadWordPress.es\",\"description\":\"Recopilaci\u00f3n de vulnerabilidades WordPress.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/127.0.0.1\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"Vulnerabilidad de Server-Side Request Forgery (SSRF) en Gutenberg Blocks by Kadence Blocks \u2013 Page Builder Features <= 3.1.26 - SeguridadWordPress.es","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/127.0.0.1\/vulnerabilidad-de-server-side-request-forgery-ssrf-en-gutenberg-blocks-by-kadence-blocks-page-builder-features-3-1-26\/","og_locale":"en_US","og_type":"article","og_title":"Vulnerabilidad de Server-Side Request Forgery (SSRF) en Gutenberg Blocks by Kadence Blocks \u2013 Page Builder Features <= 3.1.26 - SeguridadWordPress.es","og_description":"La vulnerabilidad de Server-Side Request Forgery (SSRF) en el plugin Gutenberg Blocks by Kadence Blocks \u2013 Page Builder Features para WordPress afecta a todas las versiones hasta, e incluyendo, la 3.1.26 a trav\u00e9s de la acci\u00f3n AJAX ‘kadence_import_get_new_connection_data’. Esto permite a atacantes autenticados, con acceso de nivel colaborador y superior, realizar solicitudes web a ubicaciones […]","og_url":"http:\/\/127.0.0.1\/vulnerabilidad-de-server-side-request-forgery-ssrf-en-gutenberg-blocks-by-kadence-blocks-page-builder-features-3-1-26\/","og_site_name":"SeguridadWordPress.es","article_published_time":"2024-04-09T17:45:18+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. 
reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-server-side-request-forgery-ssrf-en-gutenberg-blocks-by-kadence-blocks-page-builder-features-3-1-26\/","url":"http:\/\/127.0.0.1\/vulnerabilidad-de-server-side-request-forgery-ssrf-en-gutenberg-blocks-by-kadence-blocks-page-builder-features-3-1-26\/","name":"Vulnerabilidad de Server-Side Request Forgery (SSRF) en Gutenberg Blocks by Kadence Blocks \u2013 Page Builder Features <= 3.1.26 - SeguridadWordPress.es","isPartOf":{"@id":"http:\/\/127.0.0.1\/#website"},"datePublished":"2024-04-09T17:45:18+00:00","dateModified":"2024-04-09T17:45:18+00:00","author":{"@id":""},"breadcrumb":{"@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-server-side-request-forgery-ssrf-en-gutenberg-blocks-by-kadence-blocks-page-builder-features-3-1-26\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/127.0.0.1\/vulnerabilidad-de-server-side-request-forgery-ssrf-en-gutenberg-blocks-by-kadence-blocks-page-builder-features-3-1-26\/"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-server-side-request-forgery-ssrf-en-gutenberg-blocks-by-kadence-blocks-page-builder-features-3-1-26\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/127.0.0.1\/"},{"@type":"ListItem","position":2,"name":"Vulnerabilidad de Server-Side Request Forgery (SSRF) en Gutenberg Blocks by Kadence Blocks \u2013 Page Builder Features <= 3.1.26"}]},{"@type":"WebSite","@id":"http:\/\/127.0.0.1\/#website","url":"http:\/\/127.0.0.1\/","name":"SeguridadWordPress.es","description":"Recopilaci\u00f3n de vulnerabilidades WordPress.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/127.0.0.1\/?s={search_term_string}"},"query-input":"required 
name=search_term_string"}],"inLanguage":"en-US"}]}},"amp_enabled":true,"_links":{"self":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/3484"}],"collection":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/comments?post=3484"}],"version-history":[{"count":0,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/3484\/revisions"}],"wp:attachment":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/media?parent=3484"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/categories?post=3484"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/tags?post=3484"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}