{"id":4041,"date":"2024-06-14T12:45:22","date_gmt":"2024-06-14T12:45:22","guid":{"rendered":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-elementskit-elementor-addons-and-templates-library-3-6-2\/"},"modified":"2024-06-14T12:45:22","modified_gmt":"2024-06-14T12:45:22","slug":"vulnerabilidad-de-cross-site-scripting-en-elementskit-elementor-addons-and-templates-library-3-6-2","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-elementskit-elementor-addons-and-templates-library-3-6-2\/","title":{"rendered":"Vulnerabilidad de Cross-Site Scripting en ElementsKit Elementor addons and Templates Library <= 3.6.2"},"content":{"rendered":"
La vulnerabilidad CVE-2024-5263, que consiste en Cross-Site Scripting almacenado, afecta al plugin ElementsKit Pro para WordPress en su versi\u00f3n 3.6.2 y anteriores. Esto permite a atacantes autenticados con niveles de acceso de contribuidor o superiores inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cuando un usuario acceda a dicha p\u00e1gina.<\/div>\n

<\/p>\n

Para subsanar esta vulnerabilidad, se recomienda a los usuarios actualizar el plugin ElementsKit a la \u00faltima versi\u00f3n disponible, en la que se hayan implementado las correcciones necesarias para evitar la inyecci\u00f3n de scripts maliciosos. Adem\u00e1s, es importante que los administradores del sitio refuercen las medidas de seguridad y control de acceso para prevenir posibles ataques.<\/div>\n
Es fundamental mantener todos los plugins y temas de WordPress actualizados para mitigar posibles vulnerabilidades de seguridad. La colaboraci\u00f3n de la comunidad de WordPress en la detecci\u00f3n y reporte de este tipo de problemas es crucial para mantener la integridad de los sitios web en esta plataforma.<\/div>\n","protected":false},"excerpt":{"rendered":"

La vulnerabilidad CVE-2024-5263, que consiste en Cross-Site Scripting almacenado, afecta al plugin ElementsKit Pro para WordPress en su versi\u00f3n 3.6.2 y anteriores. Esto permite a atacantes autenticados con niveles de acceso de contribuidor o superiores inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cuando un usuario acceda a dicha p\u00e1gina. Para subsanar esta vulnerabilidad, […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[1751],"class_list":["post-4041","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-cve-2024-5263"],"yoast_head":"\nVulnerabilidad de Cross-Site Scripting en ElementsKit Elementor addons and Templates Library <= 3.6.2 - SeguridadWordPress.es<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-elementskit-elementor-addons-and-templates-library-3-6-2\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Vulnerabilidad de Cross-Site Scripting en ElementsKit Elementor addons and Templates Library <= 3.6.2 - SeguridadWordPress.es\" \/>\n<meta property=\"og:description\" content=\"La vulnerabilidad CVE-2024-5263, que consiste en Cross-Site Scripting almacenado, afecta al plugin ElementsKit Pro para WordPress en su versi\u00f3n 3.6.2 y anteriores. Esto permite a atacantes autenticados con niveles de acceso de contribuidor o superiores inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cuando un usuario acceda a dicha p\u00e1gina. Para subsanar esta vulnerabilidad, […]\" \/>\n<meta property=\"og:url\" content=\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-elementskit-elementor-addons-and-templates-library-3-6-2\/\" \/>\n<meta property=\"og:site_name\" content=\"SeguridadWordPress.es\" \/>\n<meta property=\"article:published_time\" content=\"2024-06-14T12:45:22+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-elementskit-elementor-addons-and-templates-library-3-6-2\/\",\"url\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-elementskit-elementor-addons-and-templates-library-3-6-2\/\",\"name\":\"Vulnerabilidad de Cross-Site Scripting en ElementsKit Elementor addons and Templates Library <= 3.6.2 - SeguridadWordPress.es\",\"isPartOf\":{\"@id\":\"http:\/\/127.0.0.1\/#website\"},\"datePublished\":\"2024-06-14T12:45:22+00:00\",\"dateModified\":\"2024-06-14T12:45:22+00:00\",\"author\":{\"@id\":\"\"},\"breadcrumb\":{\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-elementskit-elementor-addons-and-templates-library-3-6-2\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-elementskit-elementor-addons-and-templates-library-3-6-2\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-elementskit-elementor-addons-and-templates-library-3-6-2\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/127.0.0.1\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Vulnerabilidad de Cross-Site Scripting en ElementsKit Elementor addons and Templates Library <= 3.6.2\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/127.0.0.1\/#website\",\"url\":\"http:\/\/127.0.0.1\/\",\"name\":\"SeguridadWordPress.es\",\"description\":\"Recopilaci\u00f3n de vulnerabilidades WordPress.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/127.0.0.1\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Vulnerabilidad de Cross-Site Scripting en ElementsKit Elementor addons and Templates Library <= 3.6.2 - SeguridadWordPress.es","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-elementskit-elementor-addons-and-templates-library-3-6-2\/","og_locale":"en_US","og_type":"article","og_title":"Vulnerabilidad de Cross-Site Scripting en ElementsKit Elementor addons and Templates Library <= 3.6.2 - SeguridadWordPress.es","og_description":"La vulnerabilidad CVE-2024-5263, que consiste en Cross-Site Scripting almacenado, afecta al plugin ElementsKit Pro para WordPress en su versi\u00f3n 3.6.2 y anteriores. Esto permite a atacantes autenticados con niveles de acceso de contribuidor o superiores inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cuando un usuario acceda a dicha p\u00e1gina. Para subsanar esta vulnerabilidad, […]","og_url":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-elementskit-elementor-addons-and-templates-library-3-6-2\/","og_site_name":"SeguridadWordPress.es","article_published_time":"2024-06-14T12:45:22+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-elementskit-elementor-addons-and-templates-library-3-6-2\/","url":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-elementskit-elementor-addons-and-templates-library-3-6-2\/","name":"Vulnerabilidad de Cross-Site Scripting en ElementsKit Elementor addons and Templates Library <= 3.6.2 - SeguridadWordPress.es","isPartOf":{"@id":"http:\/\/127.0.0.1\/#website"},"datePublished":"2024-06-14T12:45:22+00:00","dateModified":"2024-06-14T12:45:22+00:00","author":{"@id":""},"breadcrumb":{"@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-elementskit-elementor-addons-and-templates-library-3-6-2\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-elementskit-elementor-addons-and-templates-library-3-6-2\/"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-elementskit-elementor-addons-and-templates-library-3-6-2\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/127.0.0.1\/"},{"@type":"ListItem","position":2,"name":"Vulnerabilidad de Cross-Site Scripting en ElementsKit Elementor addons and Templates Library <= 3.6.2"}]},{"@type":"WebSite","@id":"http:\/\/127.0.0.1\/#website","url":"http:\/\/127.0.0.1\/","name":"SeguridadWordPress.es","description":"Recopilaci\u00f3n de vulnerabilidades WordPress.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/127.0.0.1\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"amp_enabled":true,"_links":{"self":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/4041"}],"collection":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/comments?post=4041"}],"version-history":[{"count":0,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/4041\/revisions"}],"wp:attachment":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/media?parent=4041"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/categories?post=4041"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/tags?post=4041"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}