{"id":4025,"date":"2024-06-12T20:45:25","date_gmt":"2024-06-12T20:45:25","guid":{"rendered":"http:\/\/127.0.0.1\/codesigner-woocommerce-builder-for-elementor-vulnerabilidad-de-inyeccion-de-objetos-php-no-autenticada\/"},"modified":"2024-06-12T20:45:25","modified_gmt":"2024-06-12T20:45:25","slug":"codesigner-woocommerce-builder-for-elementor-vulnerabilidad-de-inyeccion-de-objetos-php-no-autenticada","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/codesigner-woocommerce-builder-for-elementor-vulnerabilidad-de-inyeccion-de-objetos-php-no-autenticada\/","title":{"rendered":"CoDesigner WooCommerce Builder for Elementor &#8211; Vulnerabilidad de Inyecci\u00f3n de Objetos PHP no autenticada"},"content":{"rendered":"<div>La vulnerabilidad de inyecci\u00f3n de objetos PHP en el plugin CoDesigner WooCommerce Builder for Elementor &#8211; Customize Checkout, Shop, Email, Products &amp; More para WordPress en versiones hasta 4.4.1 pone en riesgo la seguridad de los sitios web que lo utilizan.<\/div>\n<p><\/p>\n<div>El plugin CoDesigner WooCommerce Builder for Elementor es vulnerable a la inyecci\u00f3n de objetos PHP a trav\u00e9s de la deserializaci\u00f3n de datos no confiables provenientes de la cookie recently_viewed_products. Esto permite que atacantes no autenticados inyecten un Objeto PHP. No se ha encontrado ninguna cadena POP conocida en el plugin vulnerable. Sin embargo, si una cadena POP est\u00e1 presente a trav\u00e9s de un plugin o tema adicional instalado en el sistema objetivo, podr\u00eda permitir al atacante eliminar archivos arbitrarios, recuperar datos sensibles o ejecutar c\u00f3digo malicioso.<\/div>\n<div>Para mitigar el riesgo de esta vulnerabilidad, se recomienda a los usuarios actualizar el plugin CoDesigner WooCommerce Builder for Elementor a la versi\u00f3n 4.4.2 o superior tan pronto como sea posible. Adem\u00e1s, se aconseja a los administradores de sitios web realizar una revisi\u00f3n de seguridad exhaustiva para detectar posibles compromisos adicionales en caso de que la inyecci\u00f3n de objetos PHP haya sido aprovechada por un atacante.<\/div>\n","protected":false},"excerpt":{"rendered":"<p>La vulnerabilidad de inyecci\u00f3n de objetos PHP en el plugin CoDesigner WooCommerce Builder for Elementor &#8211; Customize Checkout, Shop, Email, Products &amp; More para WordPress en versiones hasta 4.4.1 pone en riesgo la seguridad de los sitios web que lo utilizan. El plugin CoDesigner WooCommerce Builder for Elementor es vulnerable a la inyecci\u00f3n de objetos [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[1735],"class_list":["post-4025","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-cve-2024-4371"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v21.8 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>CoDesigner WooCommerce Builder for Elementor - Vulnerabilidad de Inyecci\u00f3n de Objetos PHP no autenticada - SeguridadWordPress.es<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/127.0.0.1\/codesigner-woocommerce-builder-for-elementor-vulnerabilidad-de-inyeccion-de-objetos-php-no-autenticada\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CoDesigner WooCommerce Builder for Elementor - Vulnerabilidad de Inyecci\u00f3n de Objetos PHP no autenticada - SeguridadWordPress.es\" \/>\n<meta property=\"og:description\" content=\"La vulnerabilidad de inyecci\u00f3n de objetos PHP en el plugin CoDesigner WooCommerce Builder for Elementor &#8211; Customize Checkout, Shop, Email, Products &amp; More para WordPress en versiones hasta 4.4.1 pone en riesgo la seguridad de los sitios web que lo utilizan. El plugin CoDesigner WooCommerce Builder for Elementor es vulnerable a la inyecci\u00f3n de objetos [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"http:\/\/127.0.0.1\/codesigner-woocommerce-builder-for-elementor-vulnerabilidad-de-inyeccion-de-objetos-php-no-autenticada\/\" \/>\n<meta property=\"og:site_name\" content=\"SeguridadWordPress.es\" \/>\n<meta property=\"article:published_time\" content=\"2024-06-12T20:45:25+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"http:\/\/127.0.0.1\/codesigner-woocommerce-builder-for-elementor-vulnerabilidad-de-inyeccion-de-objetos-php-no-autenticada\/\",\"url\":\"http:\/\/127.0.0.1\/codesigner-woocommerce-builder-for-elementor-vulnerabilidad-de-inyeccion-de-objetos-php-no-autenticada\/\",\"name\":\"CoDesigner WooCommerce Builder for Elementor - Vulnerabilidad de Inyecci\u00f3n de Objetos PHP no autenticada - SeguridadWordPress.es\",\"isPartOf\":{\"@id\":\"http:\/\/127.0.0.1\/#website\"},\"datePublished\":\"2024-06-12T20:45:25+00:00\",\"dateModified\":\"2024-06-12T20:45:25+00:00\",\"author\":{\"@id\":\"\"},\"breadcrumb\":{\"@id\":\"http:\/\/127.0.0.1\/codesigner-woocommerce-builder-for-elementor-vulnerabilidad-de-inyeccion-de-objetos-php-no-autenticada\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/127.0.0.1\/codesigner-woocommerce-builder-for-elementor-vulnerabilidad-de-inyeccion-de-objetos-php-no-autenticada\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/127.0.0.1\/codesigner-woocommerce-builder-for-elementor-vulnerabilidad-de-inyeccion-de-objetos-php-no-autenticada\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/127.0.0.1\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CoDesigner WooCommerce Builder for Elementor &#8211; Vulnerabilidad de Inyecci\u00f3n de Objetos PHP no autenticada\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/127.0.0.1\/#website\",\"url\":\"http:\/\/127.0.0.1\/\",\"name\":\"SeguridadWordPress.es\",\"description\":\"Recopilaci\u00f3n de vulnerabilidades WordPress.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/127.0.0.1\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CoDesigner WooCommerce Builder for Elementor - Vulnerabilidad de Inyecci\u00f3n de Objetos PHP no autenticada - SeguridadWordPress.es","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/127.0.0.1\/codesigner-woocommerce-builder-for-elementor-vulnerabilidad-de-inyeccion-de-objetos-php-no-autenticada\/","og_locale":"en_US","og_type":"article","og_title":"CoDesigner WooCommerce Builder for Elementor - Vulnerabilidad de Inyecci\u00f3n de Objetos PHP no autenticada - SeguridadWordPress.es","og_description":"La vulnerabilidad de inyecci\u00f3n de objetos PHP en el plugin CoDesigner WooCommerce Builder for Elementor &#8211; Customize Checkout, Shop, Email, Products &amp; More para WordPress en versiones hasta 4.4.1 pone en riesgo la seguridad de los sitios web que lo utilizan. El plugin CoDesigner WooCommerce Builder for Elementor es vulnerable a la inyecci\u00f3n de objetos [&hellip;]","og_url":"http:\/\/127.0.0.1\/codesigner-woocommerce-builder-for-elementor-vulnerabilidad-de-inyeccion-de-objetos-php-no-autenticada\/","og_site_name":"SeguridadWordPress.es","article_published_time":"2024-06-12T20:45:25+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"http:\/\/127.0.0.1\/codesigner-woocommerce-builder-for-elementor-vulnerabilidad-de-inyeccion-de-objetos-php-no-autenticada\/","url":"http:\/\/127.0.0.1\/codesigner-woocommerce-builder-for-elementor-vulnerabilidad-de-inyeccion-de-objetos-php-no-autenticada\/","name":"CoDesigner WooCommerce Builder for Elementor - Vulnerabilidad de Inyecci\u00f3n de Objetos PHP no autenticada - SeguridadWordPress.es","isPartOf":{"@id":"http:\/\/127.0.0.1\/#website"},"datePublished":"2024-06-12T20:45:25+00:00","dateModified":"2024-06-12T20:45:25+00:00","author":{"@id":""},"breadcrumb":{"@id":"http:\/\/127.0.0.1\/codesigner-woocommerce-builder-for-elementor-vulnerabilidad-de-inyeccion-de-objetos-php-no-autenticada\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/127.0.0.1\/codesigner-woocommerce-builder-for-elementor-vulnerabilidad-de-inyeccion-de-objetos-php-no-autenticada\/"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/127.0.0.1\/codesigner-woocommerce-builder-for-elementor-vulnerabilidad-de-inyeccion-de-objetos-php-no-autenticada\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/127.0.0.1\/"},{"@type":"ListItem","position":2,"name":"CoDesigner WooCommerce Builder for Elementor &#8211; Vulnerabilidad de Inyecci\u00f3n de Objetos PHP no autenticada"}]},{"@type":"WebSite","@id":"http:\/\/127.0.0.1\/#website","url":"http:\/\/127.0.0.1\/","name":"SeguridadWordPress.es","description":"Recopilaci\u00f3n de vulnerabilidades WordPress.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/127.0.0.1\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"amp_enabled":true,"_links":{"self":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/4025"}],"collection":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/comments?post=4025"}],"version-history":[{"count":0,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/4025\/revisions"}],"wp:attachment":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/media?parent=4025"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/categories?post=4025"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/tags?post=4025"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}