{"id":4168,"date":"2024-06-28T16:45:24","date_gmt":"2024-06-28T16:45:24","guid":{"rendered":"http:\/\/127.0.0.1\/events-manager-6-4-8-cross-site-scripting-reflejado\/"},"modified":"2024-06-28T16:45:24","modified_gmt":"2024-06-28T16:45:24","slug":"events-manager-6-4-8-cross-site-scripting-reflejado","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/events-manager-6-4-8-cross-site-scripting-reflejado\/","title":{"rendered":"Events Manager <= 6.4.8 – Cross-Site Scripting Reflejado"},"content":{"rendered":"
<\/p>\n
El plugin Events Manager – Calendario, Reservas, Entradas y m\u00e1s! para WordPress es vulnerable a Cross-Site Scripting Reflejado a trav\u00e9s del par\u00e1metro ‘country’ en todas las versiones hasta, e incluyendo, la 6.4.8 debido a una insuficiente sanitizaci\u00f3n de la entrada y escape de la salida. Esto permite a atacantes no autenticados inyectar scripts web arbitrarios […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[1878],"class_list":["post-4168","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-cve-2024-5889"],"yoast_head":"\n