{"id":3803,"date":"2024-05-22T22:45:21","date_gmt":"2024-05-22T22:45:21","guid":{"rendered":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-spectra-wordpress-gutenberg-blocks-2-12-8\/"},"modified":"2024-05-22T22:45:21","modified_gmt":"2024-05-22T22:45:21","slug":"vulnerabilidad-de-cross-site-scripting-en-el-plugin-spectra-wordpress-gutenberg-blocks-2-12-8","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-spectra-wordpress-gutenberg-blocks-2-12-8\/","title":{"rendered":"Vulnerabilidad de Cross-Site Scripting en el plugin Spectra – WordPress Gutenberg Blocks <= 2.12.8"},"content":{"rendered":"
La vulnerabilidad CVE-2024-1814 afecta al plugin Spectra – WordPress Gutenberg Blocks en su versi\u00f3n 2.12.8 y anteriores, permitiendo a atacantes autenticados con nivel de contribuidor o superior realizar ataques de Cross-Site Scripting almacenado a trav\u00e9s del bloque de Testimonios del plugin.<\/div>\n

<\/p>\n

El plugin Spectra – WordPress Gutenberg Blocks es vulnerable a ataques de Cross-Site Scripting almacenado debido a la falta de saneamiento de entradas y escape de salida en los atributos suministrados por los usuarios. Esto habilita a atacantes autenticados a inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a la p\u00e1gina comprometida. Para mitigar esta vulnerabilidad, se recomienda actualizar a la \u00faltima versi\u00f3n del plugin de manera inmediata y restringir los privilegios de los usuarios en WordPress para limitar el acceso.<\/div>\n
Es fundamental mantener actualizados todos los plugins de WordPress y restringir los privilegios de los usuarios para evitar posibles vulnerabilidades de seguridad como la explotada en el plugin Spectra \u2013 WordPress Gutenberg Blocks. La seguridad debe ser una prioridad en la gesti\u00f3n de sitios web para proteger la integridad de la informaci\u00f3n y la privacidad de los usuarios.<\/div>\n","protected":false},"excerpt":{"rendered":"

La vulnerabilidad CVE-2024-1814 afecta al plugin Spectra – WordPress Gutenberg Blocks en su versi\u00f3n 2.12.8 y anteriores, permitiendo a atacantes autenticados con nivel de contribuidor o superior realizar ataques de Cross-Site Scripting almacenado a trav\u00e9s del bloque de Testimonios del plugin. El plugin Spectra – WordPress Gutenberg Blocks es vulnerable a ataques de Cross-Site Scripting […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[1513],"class_list":["post-3803","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-cve-2024-1814"],"yoast_head":"\nVulnerabilidad de Cross-Site Scripting en el plugin Spectra - WordPress Gutenberg Blocks <= 2.12.8 - SeguridadWordPress.es<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-spectra-wordpress-gutenberg-blocks-2-12-8\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Vulnerabilidad de Cross-Site Scripting en el plugin Spectra - WordPress Gutenberg Blocks <= 2.12.8 - SeguridadWordPress.es\" \/>\n<meta property=\"og:description\" content=\"La vulnerabilidad CVE-2024-1814 afecta al plugin Spectra – WordPress Gutenberg Blocks en su versi\u00f3n 2.12.8 y anteriores, permitiendo a atacantes autenticados con nivel de contribuidor o superior realizar ataques de Cross-Site Scripting almacenado a trav\u00e9s del bloque de Testimonios del plugin. El plugin Spectra – WordPress Gutenberg Blocks es vulnerable a ataques de Cross-Site Scripting […]\" \/>\n<meta property=\"og:url\" content=\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-spectra-wordpress-gutenberg-blocks-2-12-8\/\" \/>\n<meta property=\"og:site_name\" content=\"SeguridadWordPress.es\" \/>\n<meta property=\"article:published_time\" content=\"2024-05-22T22:45:21+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-spectra-wordpress-gutenberg-blocks-2-12-8\/\",\"url\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-spectra-wordpress-gutenberg-blocks-2-12-8\/\",\"name\":\"Vulnerabilidad de Cross-Site Scripting en el plugin Spectra - WordPress Gutenberg Blocks <= 2.12.8 - SeguridadWordPress.es\",\"isPartOf\":{\"@id\":\"http:\/\/127.0.0.1\/#website\"},\"datePublished\":\"2024-05-22T22:45:21+00:00\",\"dateModified\":\"2024-05-22T22:45:21+00:00\",\"author\":{\"@id\":\"\"},\"breadcrumb\":{\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-spectra-wordpress-gutenberg-blocks-2-12-8\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-spectra-wordpress-gutenberg-blocks-2-12-8\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-spectra-wordpress-gutenberg-blocks-2-12-8\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/127.0.0.1\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Vulnerabilidad de Cross-Site Scripting en el plugin Spectra – WordPress Gutenberg Blocks <= 2.12.8\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/127.0.0.1\/#website\",\"url\":\"http:\/\/127.0.0.1\/\",\"name\":\"SeguridadWordPress.es\",\"description\":\"Recopilaci\u00f3n de vulnerabilidades WordPress.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/127.0.0.1\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Vulnerabilidad de Cross-Site Scripting en el plugin Spectra - WordPress Gutenberg Blocks <= 2.12.8 - SeguridadWordPress.es","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-spectra-wordpress-gutenberg-blocks-2-12-8\/","og_locale":"en_US","og_type":"article","og_title":"Vulnerabilidad de Cross-Site Scripting en el plugin Spectra - WordPress Gutenberg Blocks <= 2.12.8 - SeguridadWordPress.es","og_description":"La vulnerabilidad CVE-2024-1814 afecta al plugin Spectra – WordPress Gutenberg Blocks en su versi\u00f3n 2.12.8 y anteriores, permitiendo a atacantes autenticados con nivel de contribuidor o superior realizar ataques de Cross-Site Scripting almacenado a trav\u00e9s del bloque de Testimonios del plugin. El plugin Spectra – WordPress Gutenberg Blocks es vulnerable a ataques de Cross-Site Scripting […]","og_url":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-spectra-wordpress-gutenberg-blocks-2-12-8\/","og_site_name":"SeguridadWordPress.es","article_published_time":"2024-05-22T22:45:21+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-spectra-wordpress-gutenberg-blocks-2-12-8\/","url":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-spectra-wordpress-gutenberg-blocks-2-12-8\/","name":"Vulnerabilidad de Cross-Site Scripting en el plugin Spectra - WordPress Gutenberg Blocks <= 2.12.8 - SeguridadWordPress.es","isPartOf":{"@id":"http:\/\/127.0.0.1\/#website"},"datePublished":"2024-05-22T22:45:21+00:00","dateModified":"2024-05-22T22:45:21+00:00","author":{"@id":""},"breadcrumb":{"@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-spectra-wordpress-gutenberg-blocks-2-12-8\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-spectra-wordpress-gutenberg-blocks-2-12-8\/"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-el-plugin-spectra-wordpress-gutenberg-blocks-2-12-8\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/127.0.0.1\/"},{"@type":"ListItem","position":2,"name":"Vulnerabilidad de Cross-Site Scripting en el plugin Spectra – WordPress Gutenberg Blocks <= 2.12.8"}]},{"@type":"WebSite","@id":"http:\/\/127.0.0.1\/#website","url":"http:\/\/127.0.0.1\/","name":"SeguridadWordPress.es","description":"Recopilaci\u00f3n de vulnerabilidades WordPress.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/127.0.0.1\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"amp_enabled":true,"_links":{"self":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/3803"}],"collection":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/comments?post=3803"}],"version-history":[{"count":0,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/3803\/revisions"}],"wp:attachment":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/media?parent=3803"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/categories?post=3803"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/tags?post=3803"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}