{"id":4019,"date":"2024-06-12T17:45:10","date_gmt":"2024-06-12T17:45:10","guid":{"rendered":"http:\/\/127.0.0.1\/elementor-header-footer-builder-1-6-35-cross-site-scripting-a-traves-del-widget-titulo-del-sitio\/"},"modified":"2024-06-12T17:45:10","modified_gmt":"2024-06-12T17:45:10","slug":"elementor-header-footer-builder-1-6-35-cross-site-scripting-a-traves-del-widget-titulo-del-sitio","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/elementor-header-footer-builder-1-6-35-cross-site-scripting-a-traves-del-widget-titulo-del-sitio\/","title":{"rendered":"Elementor Header & Footer Builder <= 1.6.35 – Cross-Site Scripting a trav\u00e9s del widget T\u00edtulo del Sitio"},"content":{"rendered":"
<\/p>\n
La vulnerabilidad CVE-2024-5757 afecta al plugin Elementor Header & Footer Builder para WordPress, permitiendo a atacantes autenticados realizar Cross-Site Scripting a trav\u00e9s del atributo URL del widget T\u00edtulo del Sitio en todas las versiones hasta la 1.6.35. La falta de sanitizaci\u00f3n de entrada y escape de salida dentro del plugin Elementor Header & Footer Builder […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[1729],"class_list":["post-4019","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-cve-2024-5757"],"yoast_head":"\n