{"id":3765,"date":"2024-05-21T18:45:09","date_gmt":"2024-05-21T18:45:09","guid":{"rendered":"http:\/\/127.0.0.1\/nextscripts-social-networks-auto-poster-4-4-3-divulgacion-de-informacion-sensible-para-usuarios-autenticadossubscriber\/"},"modified":"2024-05-21T18:45:09","modified_gmt":"2024-05-21T18:45:09","slug":"nextscripts-social-networks-auto-poster-4-4-3-divulgacion-de-informacion-sensible-para-usuarios-autenticadossubscriber","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/nextscripts-social-networks-auto-poster-4-4-3-divulgacion-de-informacion-sensible-para-usuarios-autenticadossubscriber\/","title":{"rendered":"NextScripts: Social Networks Auto-Poster <= 4.4.3 – Divulgaci\u00f3n de Informaci\u00f3n Sensible para Usuarios Autenticados(Subscriber+)"},"content":{"rendered":"
El plugin NextScripts: Social Networks Auto-Poster para WordPress es vulnerable a la divulgaci\u00f3n de informaci\u00f3n sensible en todas las versiones hasta, e incluyendo, la 4.4.3 a trav\u00e9s de la funci\u00f3n ‘nxs_getExpSettings’. Esto permite a atacantes autenticados, con acceso de suscriptor y superiores, extraer datos sensibles como claves y secretos de API de redes sociales.<\/div>\n

<\/p>\n

Los usuarios afectados por esta vulnerabilidad deben actualizar inmediatamente a la versi\u00f3n m\u00e1s reciente del plugin, en este caso, a la versi\u00f3n 4.4.4 o posterior. Adem\u00e1s, se recomienda revocar y generar nuevas claves y secretos de API de redes sociales para evitar posibles compromisos de cuenta.<\/div>\n
Es fundamental mantener los plugins de WordPress actualizados para protegerse de vulnerabilidades conocidas, como la divulgaci\u00f3n de informaci\u00f3n sensible. La seguridad de los datos sensibles en un sitio web es responsabilidad de todos los usuarios, por lo que se deben tomar medidas proactivas para mitigar posibles riesgos de seguridad.<\/div>\n","protected":false},"excerpt":{"rendered":"

El plugin NextScripts: Social Networks Auto-Poster para WordPress es vulnerable a la divulgaci\u00f3n de informaci\u00f3n sensible en todas las versiones hasta, e incluyendo, la 4.4.3 a trav\u00e9s de la funci\u00f3n ‘nxs_getExpSettings’. Esto permite a atacantes autenticados, con acceso de suscriptor y superiores, extraer datos sensibles como claves y secretos de API de redes sociales. Los […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[1475],"class_list":["post-3765","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-cve-2024-2088"],"yoast_head":"\nNextScripts: Social Networks Auto-Poster <= 4.4.3 - Divulgaci\u00f3n de Informaci\u00f3n Sensible para Usuarios Autenticados(Subscriber+) - SeguridadWordPress.es<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/127.0.0.1\/nextscripts-social-networks-auto-poster-4-4-3-divulgacion-de-informacion-sensible-para-usuarios-autenticadossubscriber\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"NextScripts: Social Networks Auto-Poster <= 4.4.3 - Divulgaci\u00f3n de Informaci\u00f3n Sensible para Usuarios Autenticados(Subscriber+) - SeguridadWordPress.es\" \/>\n<meta property=\"og:description\" content=\"El plugin NextScripts: Social Networks Auto-Poster para WordPress es vulnerable a la divulgaci\u00f3n de informaci\u00f3n sensible en todas las versiones hasta, e incluyendo, la 4.4.3 a trav\u00e9s de la funci\u00f3n ‘nxs_getExpSettings’. Esto permite a atacantes autenticados, con acceso de suscriptor y superiores, extraer datos sensibles como claves y secretos de API de redes sociales. Los […]\" \/>\n<meta property=\"og:url\" content=\"http:\/\/127.0.0.1\/nextscripts-social-networks-auto-poster-4-4-3-divulgacion-de-informacion-sensible-para-usuarios-autenticadossubscriber\/\" \/>\n<meta property=\"og:site_name\" content=\"SeguridadWordPress.es\" \/>\n<meta property=\"article:published_time\" content=\"2024-05-21T18:45:09+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"http:\/\/127.0.0.1\/nextscripts-social-networks-auto-poster-4-4-3-divulgacion-de-informacion-sensible-para-usuarios-autenticadossubscriber\/\",\"url\":\"http:\/\/127.0.0.1\/nextscripts-social-networks-auto-poster-4-4-3-divulgacion-de-informacion-sensible-para-usuarios-autenticadossubscriber\/\",\"name\":\"NextScripts: Social Networks Auto-Poster <= 4.4.3 - Divulgaci\u00f3n de Informaci\u00f3n Sensible para Usuarios Autenticados(Subscriber+) - SeguridadWordPress.es\",\"isPartOf\":{\"@id\":\"http:\/\/127.0.0.1\/#website\"},\"datePublished\":\"2024-05-21T18:45:09+00:00\",\"dateModified\":\"2024-05-21T18:45:09+00:00\",\"author\":{\"@id\":\"\"},\"breadcrumb\":{\"@id\":\"http:\/\/127.0.0.1\/nextscripts-social-networks-auto-poster-4-4-3-divulgacion-de-informacion-sensible-para-usuarios-autenticadossubscriber\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/127.0.0.1\/nextscripts-social-networks-auto-poster-4-4-3-divulgacion-de-informacion-sensible-para-usuarios-autenticadossubscriber\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/127.0.0.1\/nextscripts-social-networks-auto-poster-4-4-3-divulgacion-de-informacion-sensible-para-usuarios-autenticadossubscriber\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/127.0.0.1\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"NextScripts: Social Networks Auto-Poster <= 4.4.3 – Divulgaci\u00f3n de Informaci\u00f3n Sensible para Usuarios Autenticados(Subscriber+)\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/127.0.0.1\/#website\",\"url\":\"http:\/\/127.0.0.1\/\",\"name\":\"SeguridadWordPress.es\",\"description\":\"Recopilaci\u00f3n de vulnerabilidades WordPress.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/127.0.0.1\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"NextScripts: Social Networks Auto-Poster <= 4.4.3 - Divulgaci\u00f3n de Informaci\u00f3n Sensible para Usuarios Autenticados(Subscriber+) - SeguridadWordPress.es","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/127.0.0.1\/nextscripts-social-networks-auto-poster-4-4-3-divulgacion-de-informacion-sensible-para-usuarios-autenticadossubscriber\/","og_locale":"en_US","og_type":"article","og_title":"NextScripts: Social Networks Auto-Poster <= 4.4.3 - Divulgaci\u00f3n de Informaci\u00f3n Sensible para Usuarios Autenticados(Subscriber+) - SeguridadWordPress.es","og_description":"El plugin NextScripts: Social Networks Auto-Poster para WordPress es vulnerable a la divulgaci\u00f3n de informaci\u00f3n sensible en todas las versiones hasta, e incluyendo, la 4.4.3 a trav\u00e9s de la funci\u00f3n ‘nxs_getExpSettings’. Esto permite a atacantes autenticados, con acceso de suscriptor y superiores, extraer datos sensibles como claves y secretos de API de redes sociales. Los […]","og_url":"http:\/\/127.0.0.1\/nextscripts-social-networks-auto-poster-4-4-3-divulgacion-de-informacion-sensible-para-usuarios-autenticadossubscriber\/","og_site_name":"SeguridadWordPress.es","article_published_time":"2024-05-21T18:45:09+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"http:\/\/127.0.0.1\/nextscripts-social-networks-auto-poster-4-4-3-divulgacion-de-informacion-sensible-para-usuarios-autenticadossubscriber\/","url":"http:\/\/127.0.0.1\/nextscripts-social-networks-auto-poster-4-4-3-divulgacion-de-informacion-sensible-para-usuarios-autenticadossubscriber\/","name":"NextScripts: Social Networks Auto-Poster <= 4.4.3 - Divulgaci\u00f3n de Informaci\u00f3n Sensible para Usuarios Autenticados(Subscriber+) - SeguridadWordPress.es","isPartOf":{"@id":"http:\/\/127.0.0.1\/#website"},"datePublished":"2024-05-21T18:45:09+00:00","dateModified":"2024-05-21T18:45:09+00:00","author":{"@id":""},"breadcrumb":{"@id":"http:\/\/127.0.0.1\/nextscripts-social-networks-auto-poster-4-4-3-divulgacion-de-informacion-sensible-para-usuarios-autenticadossubscriber\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/127.0.0.1\/nextscripts-social-networks-auto-poster-4-4-3-divulgacion-de-informacion-sensible-para-usuarios-autenticadossubscriber\/"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/127.0.0.1\/nextscripts-social-networks-auto-poster-4-4-3-divulgacion-de-informacion-sensible-para-usuarios-autenticadossubscriber\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/127.0.0.1\/"},{"@type":"ListItem","position":2,"name":"NextScripts: Social Networks Auto-Poster <= 4.4.3 – Divulgaci\u00f3n de Informaci\u00f3n Sensible para Usuarios Autenticados(Subscriber+)"}]},{"@type":"WebSite","@id":"http:\/\/127.0.0.1\/#website","url":"http:\/\/127.0.0.1\/","name":"SeguridadWordPress.es","description":"Recopilaci\u00f3n de vulnerabilidades WordPress.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/127.0.0.1\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"amp_enabled":true,"_links":{"self":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/3765"}],"collection":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/comments?post=3765"}],"version-history":[{"count":0,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/3765\/revisions"}],"wp:attachment":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/media?parent=3765"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/categories?post=3765"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/tags?post=3765"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}