{"id":3935,"date":"2024-06-05T13:46:31","date_gmt":"2024-06-05T13:46:31","guid":{"rendered":"http:\/\/127.0.0.1\/vulnerabilidad-de-xss-en-easyazon-plugin-de-afiliados-de-amazon-associates-5-1-0-a-traves-de-easyazon-cloaking-locale\/"},"modified":"2024-06-05T13:46:31","modified_gmt":"2024-06-05T13:46:31","slug":"vulnerabilidad-de-xss-en-easyazon-plugin-de-afiliados-de-amazon-associates-5-1-0-a-traves-de-easyazon-cloaking-locale","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/vulnerabilidad-de-xss-en-easyazon-plugin-de-afiliados-de-amazon-associates-5-1-0-a-traves-de-easyazon-cloaking-locale\/","title":{"rendered":"Vulnerabilidad de XSS en EasyAzon \u2013 Plugin de Afiliados de Amazon Associates <= 5.1.0 a trav\u00e9s de easyazon-cloaking-locale"},"content":{"rendered":"
La vulnerabilidad CVE-2023-6956 en el plugin EasyAzon para WordPress permite a atacantes no autenticados realizar ataques de XSS a trav\u00e9s del par\u00e1metro ‘easyazon-cloaking-locale’ en versiones hasta la 5.1.0. Esto se debe a una insuficiente sanitizaci\u00f3n de entrada y escape de la misma.<\/div>\n

<\/p>\n

Los usuarios afectados por esta vulnerabilidad deben actualizar el plugin EasyAzon a la \u00faltima versi\u00f3n disponible para asegurar que se implementen las correcciones necesarias. Adem\u00e1s, se recomienda a los usuarios ser cautos al hacer clic en enlaces sospechosos que podr\u00edan aprovechar esta vulnerabilidad para ejecutar scripts maliciosos en sus p\u00e1ginas.<\/div>\n
Es crucial para la seguridad de un sitio web WordPress mantener todos los plugins actualizados y ser conscientes de las posibles vulnerabilidades que podr\u00edan ser aprovechadas por ciberdelincuentes. Al tomar medidas proactivas para garantizar la seguridad de tus plugins, puedes reducir significativamente el riesgo de ataques exitosos.<\/div>\n","protected":false},"excerpt":{"rendered":"

La vulnerabilidad CVE-2023-6956 en el plugin EasyAzon para WordPress permite a atacantes no autenticados realizar ataques de XSS a trav\u00e9s del par\u00e1metro ‘easyazon-cloaking-locale’ en versiones hasta la 5.1.0. Esto se debe a una insuficiente sanitizaci\u00f3n de entrada y escape de la misma. Los usuarios afectados por esta vulnerabilidad deben actualizar el plugin EasyAzon a la […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[1645],"class_list":["post-3935","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-cve-2023-6956"],"yoast_head":"\nVulnerabilidad de XSS en EasyAzon \u2013 Plugin de Afiliados de Amazon Associates <= 5.1.0 a trav\u00e9s de easyazon-cloaking-locale - SeguridadWordPress.es<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/127.0.0.1\/vulnerabilidad-de-xss-en-easyazon-plugin-de-afiliados-de-amazon-associates-5-1-0-a-traves-de-easyazon-cloaking-locale\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Vulnerabilidad de XSS en EasyAzon \u2013 Plugin de Afiliados de Amazon Associates <= 5.1.0 a trav\u00e9s de easyazon-cloaking-locale - SeguridadWordPress.es\" \/>\n<meta property=\"og:description\" content=\"La vulnerabilidad CVE-2023-6956 en el plugin EasyAzon para WordPress permite a atacantes no autenticados realizar ataques de XSS a trav\u00e9s del par\u00e1metro ‘easyazon-cloaking-locale’ en versiones hasta la 5.1.0. Esto se debe a una insuficiente sanitizaci\u00f3n de entrada y escape de la misma. Los usuarios afectados por esta vulnerabilidad deben actualizar el plugin EasyAzon a la […]\" \/>\n<meta property=\"og:url\" content=\"http:\/\/127.0.0.1\/vulnerabilidad-de-xss-en-easyazon-plugin-de-afiliados-de-amazon-associates-5-1-0-a-traves-de-easyazon-cloaking-locale\/\" \/>\n<meta property=\"og:site_name\" content=\"SeguridadWordPress.es\" \/>\n<meta property=\"article:published_time\" content=\"2024-06-05T13:46:31+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-xss-en-easyazon-plugin-de-afiliados-de-amazon-associates-5-1-0-a-traves-de-easyazon-cloaking-locale\/\",\"url\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-xss-en-easyazon-plugin-de-afiliados-de-amazon-associates-5-1-0-a-traves-de-easyazon-cloaking-locale\/\",\"name\":\"Vulnerabilidad de XSS en EasyAzon \u2013 Plugin de Afiliados de Amazon Associates <= 5.1.0 a trav\u00e9s de easyazon-cloaking-locale - SeguridadWordPress.es\",\"isPartOf\":{\"@id\":\"http:\/\/127.0.0.1\/#website\"},\"datePublished\":\"2024-06-05T13:46:31+00:00\",\"dateModified\":\"2024-06-05T13:46:31+00:00\",\"author\":{\"@id\":\"\"},\"breadcrumb\":{\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-xss-en-easyazon-plugin-de-afiliados-de-amazon-associates-5-1-0-a-traves-de-easyazon-cloaking-locale\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/127.0.0.1\/vulnerabilidad-de-xss-en-easyazon-plugin-de-afiliados-de-amazon-associates-5-1-0-a-traves-de-easyazon-cloaking-locale\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-xss-en-easyazon-plugin-de-afiliados-de-amazon-associates-5-1-0-a-traves-de-easyazon-cloaking-locale\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/127.0.0.1\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Vulnerabilidad de XSS en EasyAzon \u2013 Plugin de Afiliados de Amazon Associates <= 5.1.0 a trav\u00e9s de easyazon-cloaking-locale\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/127.0.0.1\/#website\",\"url\":\"http:\/\/127.0.0.1\/\",\"name\":\"SeguridadWordPress.es\",\"description\":\"Recopilaci\u00f3n de vulnerabilidades WordPress.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/127.0.0.1\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Vulnerabilidad de XSS en EasyAzon \u2013 Plugin de Afiliados de Amazon Associates <= 5.1.0 a trav\u00e9s de easyazon-cloaking-locale - SeguridadWordPress.es","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/127.0.0.1\/vulnerabilidad-de-xss-en-easyazon-plugin-de-afiliados-de-amazon-associates-5-1-0-a-traves-de-easyazon-cloaking-locale\/","og_locale":"en_US","og_type":"article","og_title":"Vulnerabilidad de XSS en EasyAzon \u2013 Plugin de Afiliados de Amazon Associates <= 5.1.0 a trav\u00e9s de easyazon-cloaking-locale - SeguridadWordPress.es","og_description":"La vulnerabilidad CVE-2023-6956 en el plugin EasyAzon para WordPress permite a atacantes no autenticados realizar ataques de XSS a trav\u00e9s del par\u00e1metro ‘easyazon-cloaking-locale’ en versiones hasta la 5.1.0. Esto se debe a una insuficiente sanitizaci\u00f3n de entrada y escape de la misma. Los usuarios afectados por esta vulnerabilidad deben actualizar el plugin EasyAzon a la […]","og_url":"http:\/\/127.0.0.1\/vulnerabilidad-de-xss-en-easyazon-plugin-de-afiliados-de-amazon-associates-5-1-0-a-traves-de-easyazon-cloaking-locale\/","og_site_name":"SeguridadWordPress.es","article_published_time":"2024-06-05T13:46:31+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-xss-en-easyazon-plugin-de-afiliados-de-amazon-associates-5-1-0-a-traves-de-easyazon-cloaking-locale\/","url":"http:\/\/127.0.0.1\/vulnerabilidad-de-xss-en-easyazon-plugin-de-afiliados-de-amazon-associates-5-1-0-a-traves-de-easyazon-cloaking-locale\/","name":"Vulnerabilidad de XSS en EasyAzon \u2013 Plugin de Afiliados de Amazon Associates <= 5.1.0 a trav\u00e9s de easyazon-cloaking-locale - SeguridadWordPress.es","isPartOf":{"@id":"http:\/\/127.0.0.1\/#website"},"datePublished":"2024-06-05T13:46:31+00:00","dateModified":"2024-06-05T13:46:31+00:00","author":{"@id":""},"breadcrumb":{"@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-xss-en-easyazon-plugin-de-afiliados-de-amazon-associates-5-1-0-a-traves-de-easyazon-cloaking-locale\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/127.0.0.1\/vulnerabilidad-de-xss-en-easyazon-plugin-de-afiliados-de-amazon-associates-5-1-0-a-traves-de-easyazon-cloaking-locale\/"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-xss-en-easyazon-plugin-de-afiliados-de-amazon-associates-5-1-0-a-traves-de-easyazon-cloaking-locale\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/127.0.0.1\/"},{"@type":"ListItem","position":2,"name":"Vulnerabilidad de XSS en EasyAzon \u2013 Plugin de Afiliados de Amazon Associates <= 5.1.0 a trav\u00e9s de easyazon-cloaking-locale"}]},{"@type":"WebSite","@id":"http:\/\/127.0.0.1\/#website","url":"http:\/\/127.0.0.1\/","name":"SeguridadWordPress.es","description":"Recopilaci\u00f3n de vulnerabilidades WordPress.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/127.0.0.1\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"amp_enabled":true,"_links":{"self":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/3935"}],"collection":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/comments?post=3935"}],"version-history":[{"count":0,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/3935\/revisions"}],"wp:attachment":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/media?parent=3935"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/categories?post=3935"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/tags?post=3935"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}