{"id":3604,"date":"2024-04-23T21:45:10","date_gmt":"2024-04-23T21:45:10","guid":{"rendered":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-almacenado-en-collapse-o-matic-1-8-5-5\/"},"modified":"2024-04-23T21:45:10","modified_gmt":"2024-04-23T21:45:10","slug":"vulnerabilidad-de-cross-site-scripting-almacenado-en-collapse-o-matic-1-8-5-5","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-almacenado-en-collapse-o-matic-1-8-5-5\/","title":{"rendered":"Vulnerabilidad de Cross-Site Scripting almacenado en Collapse-O-Matic <= 1.8.5.5"},"content":{"rendered":"
<\/p>\n
El plugin Collapse-O-Matic para WordPress es vulnerable a Cross-Site Scripting almacenado a trav\u00e9s del shortcode ‘expand’ del plugin en todas las versiones hasta, e incluyendo, 1.8.5.5 debido a una sanitizaci\u00f3n insuficiente de la entrada y escape de la salida en el atributo ‘tag’ suministrado por el usuario. Esto permite a atacantes autenticados con permisos de […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[1314],"yoast_head":"\n