{"id":3791,"date":"2024-05-22T16:45:09","date_gmt":"2024-05-22T16:45:09","guid":{"rendered":"http:\/\/127.0.0.1\/romethemeform-for-elementor-1-1-5-falta-de-autorizacion-mediante-export_entries-rtformnewform-y-rtformupdate\/"},"modified":"2024-05-22T16:45:09","modified_gmt":"2024-05-22T16:45:09","slug":"romethemeform-for-elementor-1-1-5-falta-de-autorizacion-mediante-export_entries-rtformnewform-y-rtformupdate","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/romethemeform-for-elementor-1-1-5-falta-de-autorizacion-mediante-export_entries-rtformnewform-y-rtformupdate\/","title":{"rendered":"RomethemeForm For Elementor <= 1.1.5 – Falta de autorizaci\u00f3n mediante export_entries, rtformnewform y rtformupdate"},"content":{"rendered":"
El plugin RomethemeForm For Elementor para WordPress es vulnerable a accesos no autorizados y modificaciones de datos debido a la falta de comprobaci\u00f3n de capacidades en las funciones export_entries, rtformnewform y rtformupdate en todas las versiones hasta, e incluyendo, la 1.1.5. Esto permite que atacantes no autenticados exporten env\u00edos de formularios arbitrarios, creen nuevos formularios o actualicen cualquier t\u00edtulo de publicaci\u00f3n o ciertos metadatos.<\/div>\n

<\/p>\n

Los usuarios afectados por esta vulnerabilidad deben tomar medidas inmediatas para proteger sus datos. Se recomienda desactivar el plugin RomethemeForm For Elementor hasta que se lance una actualizaci\u00f3n que resuelva este problema. Adem\u00e1s, es importante garantizar que el resto de los plugins y temas instalados est\u00e9n actualizados y que se sigan las pr\u00e1cticas de seguridad recomendadas.<\/div>\n
Es fundamental para la seguridad de tu sitio web WordPress estar al tanto de las vulnerabilidades en los plugins que utilizas y tomar medidas proactivas para mitigar los riesgos. En este caso, la falta de autorizaci\u00f3n en el plugin RomethemeForm For Elementor puede comprometer la integridad de tus datos, por lo que se insta a los usuarios a tomar las precauciones necesarias.<\/div>\n","protected":false},"excerpt":{"rendered":"

El plugin RomethemeForm For Elementor para WordPress es vulnerable a accesos no autorizados y modificaciones de datos debido a la falta de comprobaci\u00f3n de capacidades en las funciones export_entries, rtformnewform y rtformupdate en todas las versiones hasta, e incluyendo, la 1.1.5. Esto permite que atacantes no autenticados exporten env\u00edos de formularios arbitrarios, creen nuevos formularios […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[1501],"class_list":["post-3791","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-cve-2023-6325"],"yoast_head":"\nRomethemeForm For Elementor <= 1.1.5 - Falta de autorizaci\u00f3n mediante export_entries, rtformnewform y rtformupdate - SeguridadWordPress.es<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/127.0.0.1\/romethemeform-for-elementor-1-1-5-falta-de-autorizacion-mediante-export_entries-rtformnewform-y-rtformupdate\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"RomethemeForm For Elementor <= 1.1.5 - Falta de autorizaci\u00f3n mediante export_entries, rtformnewform y rtformupdate - SeguridadWordPress.es\" \/>\n<meta property=\"og:description\" content=\"El plugin RomethemeForm For Elementor para WordPress es vulnerable a accesos no autorizados y modificaciones de datos debido a la falta de comprobaci\u00f3n de capacidades en las funciones export_entries, rtformnewform y rtformupdate en todas las versiones hasta, e incluyendo, la 1.1.5. Esto permite que atacantes no autenticados exporten env\u00edos de formularios arbitrarios, creen nuevos formularios […]\" \/>\n<meta property=\"og:url\" content=\"http:\/\/127.0.0.1\/romethemeform-for-elementor-1-1-5-falta-de-autorizacion-mediante-export_entries-rtformnewform-y-rtformupdate\/\" \/>\n<meta property=\"og:site_name\" content=\"SeguridadWordPress.es\" \/>\n<meta property=\"article:published_time\" content=\"2024-05-22T16:45:09+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"http:\/\/127.0.0.1\/romethemeform-for-elementor-1-1-5-falta-de-autorizacion-mediante-export_entries-rtformnewform-y-rtformupdate\/\",\"url\":\"http:\/\/127.0.0.1\/romethemeform-for-elementor-1-1-5-falta-de-autorizacion-mediante-export_entries-rtformnewform-y-rtformupdate\/\",\"name\":\"RomethemeForm For Elementor <= 1.1.5 - Falta de autorizaci\u00f3n mediante export_entries, rtformnewform y rtformupdate - SeguridadWordPress.es\",\"isPartOf\":{\"@id\":\"http:\/\/127.0.0.1\/#website\"},\"datePublished\":\"2024-05-22T16:45:09+00:00\",\"dateModified\":\"2024-05-22T16:45:09+00:00\",\"author\":{\"@id\":\"\"},\"breadcrumb\":{\"@id\":\"http:\/\/127.0.0.1\/romethemeform-for-elementor-1-1-5-falta-de-autorizacion-mediante-export_entries-rtformnewform-y-rtformupdate\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/127.0.0.1\/romethemeform-for-elementor-1-1-5-falta-de-autorizacion-mediante-export_entries-rtformnewform-y-rtformupdate\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/127.0.0.1\/romethemeform-for-elementor-1-1-5-falta-de-autorizacion-mediante-export_entries-rtformnewform-y-rtformupdate\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/127.0.0.1\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"RomethemeForm For Elementor <= 1.1.5 – Falta de autorizaci\u00f3n mediante export_entries, rtformnewform y rtformupdate\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/127.0.0.1\/#website\",\"url\":\"http:\/\/127.0.0.1\/\",\"name\":\"SeguridadWordPress.es\",\"description\":\"Recopilaci\u00f3n de vulnerabilidades WordPress.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/127.0.0.1\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"RomethemeForm For Elementor <= 1.1.5 - Falta de autorizaci\u00f3n mediante export_entries, rtformnewform y rtformupdate - SeguridadWordPress.es","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/127.0.0.1\/romethemeform-for-elementor-1-1-5-falta-de-autorizacion-mediante-export_entries-rtformnewform-y-rtformupdate\/","og_locale":"en_US","og_type":"article","og_title":"RomethemeForm For Elementor <= 1.1.5 - Falta de autorizaci\u00f3n mediante export_entries, rtformnewform y rtformupdate - SeguridadWordPress.es","og_description":"El plugin RomethemeForm For Elementor para WordPress es vulnerable a accesos no autorizados y modificaciones de datos debido a la falta de comprobaci\u00f3n de capacidades en las funciones export_entries, rtformnewform y rtformupdate en todas las versiones hasta, e incluyendo, la 1.1.5. Esto permite que atacantes no autenticados exporten env\u00edos de formularios arbitrarios, creen nuevos formularios […]","og_url":"http:\/\/127.0.0.1\/romethemeform-for-elementor-1-1-5-falta-de-autorizacion-mediante-export_entries-rtformnewform-y-rtformupdate\/","og_site_name":"SeguridadWordPress.es","article_published_time":"2024-05-22T16:45:09+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"http:\/\/127.0.0.1\/romethemeform-for-elementor-1-1-5-falta-de-autorizacion-mediante-export_entries-rtformnewform-y-rtformupdate\/","url":"http:\/\/127.0.0.1\/romethemeform-for-elementor-1-1-5-falta-de-autorizacion-mediante-export_entries-rtformnewform-y-rtformupdate\/","name":"RomethemeForm For Elementor <= 1.1.5 - Falta de autorizaci\u00f3n mediante export_entries, rtformnewform y rtformupdate - SeguridadWordPress.es","isPartOf":{"@id":"http:\/\/127.0.0.1\/#website"},"datePublished":"2024-05-22T16:45:09+00:00","dateModified":"2024-05-22T16:45:09+00:00","author":{"@id":""},"breadcrumb":{"@id":"http:\/\/127.0.0.1\/romethemeform-for-elementor-1-1-5-falta-de-autorizacion-mediante-export_entries-rtformnewform-y-rtformupdate\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/127.0.0.1\/romethemeform-for-elementor-1-1-5-falta-de-autorizacion-mediante-export_entries-rtformnewform-y-rtformupdate\/"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/127.0.0.1\/romethemeform-for-elementor-1-1-5-falta-de-autorizacion-mediante-export_entries-rtformnewform-y-rtformupdate\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/127.0.0.1\/"},{"@type":"ListItem","position":2,"name":"RomethemeForm For Elementor <= 1.1.5 – Falta de autorizaci\u00f3n mediante export_entries, rtformnewform y rtformupdate"}]},{"@type":"WebSite","@id":"http:\/\/127.0.0.1\/#website","url":"http:\/\/127.0.0.1\/","name":"SeguridadWordPress.es","description":"Recopilaci\u00f3n de vulnerabilidades WordPress.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/127.0.0.1\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"amp_enabled":true,"_links":{"self":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/3791"}],"collection":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/comments?post=3791"}],"version-history":[{"count":0,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/3791\/revisions"}],"wp:attachment":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/media?parent=3791"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/categories?post=3791"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/tags?post=3791"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}