{"id":4075,"date":"2024-06-18T16:45:22","date_gmt":"2024-06-18T16:45:22","guid":{"rendered":"http:\/\/127.0.0.1\/cost-calculator-builder-pro-3-1-75-envio-de-correos-electronicos-arbitrarios-sin-autenticacion\/"},"modified":"2024-06-18T16:45:22","modified_gmt":"2024-06-18T16:45:22","slug":"cost-calculator-builder-pro-3-1-75-envio-de-correos-electronicos-arbitrarios-sin-autenticacion","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/cost-calculator-builder-pro-3-1-75-envio-de-correos-electronicos-arbitrarios-sin-autenticacion\/","title":{"rendered":"Cost Calculator Builder PRO <= 3.1.75 – Unauthenticated Arbitrary Email Sending"},"content":{"rendered":"
The arbitrary email sending vulnerability in Cost Calculator Builder PRO for WordPress affects versions up to and including 3.1.75. It stems from insufficient restrictions on the email recipient and content in the ‘send_pdf’ and ‘send_pdf_front’ functions, which are reachable via AJAX. This allows unauthenticated attackers to send emails with arbitrary content to any recipient.<\/div>\n

<\/p>\n

Users affected by this vulnerability should update their Cost Calculator Builder PRO plugin to the latest available version. It is also recommended to restrict access to the ‘send_pdf’ and ‘send_pdf_front’ functions to authenticated, trusted users only. Closely monitoring suspicious activity related to emails sent from the plugin is also suggested.<\/div>\n
It is crucial to take measures to protect against this arbitrary email sending vulnerability in Cost Calculator Builder PRO. By following the security recommendations above, users can mitigate the risk of exploitation by potential attackers.<\/div>\n","protected":false},"excerpt":{"rendered":"

The arbitrary email sending vulnerability in Cost Calculator Builder PRO for WordPress affects versions up to and including 3.1.75. It stems from insufficient restrictions on the email recipient and content in the ‘send_pdf’ and ‘send_pdf_front’ functions, which are reachable via AJAX. This allows unauthenticated attackers […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[1785],"class_list":["post-4075","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-cve-2024-4787"],"yoast_head":"\nCost Calculator Builder PRO <= 3.1.75 - Unauthenticated Arbitrary Email Sending - SeguridadWordPress.es<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/127.0.0.1\/cost-calculator-builder-pro-3-1-75-envio-de-correos-electronicos-arbitrarios-sin-autenticacion\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cost Calculator Builder PRO <= 3.1.75 - Unauthenticated Arbitrary Email Sending - SeguridadWordPress.es\" \/>\n<meta property=\"og:description\" content=\"The arbitrary email sending vulnerability in Cost Calculator Builder PRO for WordPress affects versions up to and including 3.1.75. It stems from insufficient restrictions on the email recipient and content in the ‘send_pdf’ and ‘send_pdf_front’ functions, which are reachable via AJAX. 
This allows unauthenticated attackers […]\" \/>\n<meta property=\"og:url\" content=\"http:\/\/127.0.0.1\/cost-calculator-builder-pro-3-1-75-envio-de-correos-electronicos-arbitrarios-sin-autenticacion\/\" \/>\n<meta property=\"og:site_name\" content=\"SeguridadWordPress.es\" \/>\n<meta property=\"article:published_time\" content=\"2024-06-18T16:45:22+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"http:\/\/127.0.0.1\/cost-calculator-builder-pro-3-1-75-envio-de-correos-electronicos-arbitrarios-sin-autenticacion\/\",\"url\":\"http:\/\/127.0.0.1\/cost-calculator-builder-pro-3-1-75-envio-de-correos-electronicos-arbitrarios-sin-autenticacion\/\",\"name\":\"Cost Calculator Builder PRO <= 3.1.75 - Unauthenticated Arbitrary Email Sending - SeguridadWordPress.es\",\"isPartOf\":{\"@id\":\"http:\/\/127.0.0.1\/#website\"},\"datePublished\":\"2024-06-18T16:45:22+00:00\",\"dateModified\":\"2024-06-18T16:45:22+00:00\",\"author\":{\"@id\":\"\"},\"breadcrumb\":{\"@id\":\"http:\/\/127.0.0.1\/cost-calculator-builder-pro-3-1-75-envio-de-correos-electronicos-arbitrarios-sin-autenticacion\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/127.0.0.1\/cost-calculator-builder-pro-3-1-75-envio-de-correos-electronicos-arbitrarios-sin-autenticacion\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/127.0.0.1\/cost-calculator-builder-pro-3-1-75-envio-de-correos-electronicos-arbitrarios-sin-autenticacion\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/127.0.0.1\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cost Calculator Builder PRO <= 
3.1.75 – Unauthenticated Arbitrary Email Sending\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/127.0.0.1\/#website\",\"url\":\"http:\/\/127.0.0.1\/\",\"name\":\"SeguridadWordPress.es\",\"description\":\"Compilation of WordPress vulnerabilities.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/127.0.0.1\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cost Calculator Builder PRO <= 3.1.75 - Unauthenticated Arbitrary Email Sending - SeguridadWordPress.es","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/127.0.0.1\/cost-calculator-builder-pro-3-1-75-envio-de-correos-electronicos-arbitrarios-sin-autenticacion\/","og_locale":"en_US","og_type":"article","og_title":"Cost Calculator Builder PRO <= 3.1.75 - Unauthenticated Arbitrary Email Sending - SeguridadWordPress.es","og_description":"The arbitrary email sending vulnerability in Cost Calculator Builder PRO for WordPress affects versions up to and including 3.1.75. It stems from insufficient restrictions on the email recipient and content in the ‘send_pdf’ and ‘send_pdf_front’ functions, which are reachable via AJAX. This allows unauthenticated attackers […]","og_url":"http:\/\/127.0.0.1\/cost-calculator-builder-pro-3-1-75-envio-de-correos-electronicos-arbitrarios-sin-autenticacion\/","og_site_name":"SeguridadWordPress.es","article_published_time":"2024-06-18T16:45:22+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. 
reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"http:\/\/127.0.0.1\/cost-calculator-builder-pro-3-1-75-envio-de-correos-electronicos-arbitrarios-sin-autenticacion\/","url":"http:\/\/127.0.0.1\/cost-calculator-builder-pro-3-1-75-envio-de-correos-electronicos-arbitrarios-sin-autenticacion\/","name":"Cost Calculator Builder PRO <= 3.1.75 - Unauthenticated Arbitrary Email Sending - SeguridadWordPress.es","isPartOf":{"@id":"http:\/\/127.0.0.1\/#website"},"datePublished":"2024-06-18T16:45:22+00:00","dateModified":"2024-06-18T16:45:22+00:00","author":{"@id":""},"breadcrumb":{"@id":"http:\/\/127.0.0.1\/cost-calculator-builder-pro-3-1-75-envio-de-correos-electronicos-arbitrarios-sin-autenticacion\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/127.0.0.1\/cost-calculator-builder-pro-3-1-75-envio-de-correos-electronicos-arbitrarios-sin-autenticacion\/"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/127.0.0.1\/cost-calculator-builder-pro-3-1-75-envio-de-correos-electronicos-arbitrarios-sin-autenticacion\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/127.0.0.1\/"},{"@type":"ListItem","position":2,"name":"Cost Calculator Builder PRO <= 3.1.75 – Unauthenticated Arbitrary Email Sending"}]},{"@type":"WebSite","@id":"http:\/\/127.0.0.1\/#website","url":"http:\/\/127.0.0.1\/","name":"SeguridadWordPress.es","description":"Compilation of WordPress vulnerabilities.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/127.0.0.1\/?s={search_term_string}"},"query-input":"required 
name=search_term_string"}],"inLanguage":"en-US"}]}},"amp_enabled":true,"_links":{"self":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/4075"}],"collection":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/comments?post=4075"}],"version-history":[{"count":0,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/4075\/revisions"}],"wp:attachment":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/media?parent=4075"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/categories?post=4075"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/tags?post=4075"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}