{"id":4174,"date":"2024-06-28T22:45:09","date_gmt":"2024-06-28T22:45:09","guid":{"rendered":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-gutenberg-blocks-with-ai-by-kadence-wp\/"},"modified":"2024-06-28T22:45:09","modified_gmt":"2024-06-28T22:45:09","slug":"vulnerabilidad-de-cross-site-scripting-en-gutenberg-blocks-with-ai-by-kadence-wp","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-gutenberg-blocks-with-ai-by-kadence-wp\/","title":{"rendered":"Vulnerabilidad de Cross-Site Scripting en Gutenberg Blocks with AI by Kadence WP"},"content":{"rendered":"<div>La vulnerabilidad CVE-2024-5819 afecta al plugin Gutenberg Blocks with AI by Kadence WP \u2013 Page Builder Features en versiones hasta 3.2.45, permitiendo a atacantes autenticados realizar ataque de Cross-Site Scripting almacenado a trav\u00e9s de atributos de datos HTML.<\/div>\n<p><\/p>\n<div>El plugin Gutenberg Blocks with AI by Kadence WP \u2013 Page Builder Features para WordPress es vulnerable a un Cross-Site Scripting almacenado a trav\u00e9s de atributos de datos HTML en todas las versiones hasta, e incluyendo, la 3.2.45 debido a una insuficiente sanitizaci\u00f3n de la entrada y escape de la salida en atributos suministrados por el usuario. Esto permite que atacantes autenticados, con acceso de nivel de contribuidor en adelante, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a la p\u00e1gina inyectada.<\/div>\n<div>Para mitigar esta vulnerabilidad, se recomienda a los usuarios actualizar el plugin a la \u00faltima versi\u00f3n disponible y mantener todos los plugins y temas de WordPress actualizados regularmente para evitar posibles ataques de este tipo.<\/div>\n","protected":false},"excerpt":{"rendered":"<p>La vulnerabilidad CVE-2024-5819 afecta al plugin Gutenberg Blocks with AI by Kadence WP \u2013 Page Builder Features en versiones hasta 3.2.45, permitiendo a atacantes autenticados realizar ataque de Cross-Site Scripting almacenado a trav\u00e9s de atributos de datos HTML. El plugin Gutenberg Blocks with AI by Kadence WP \u2013 Page Builder Features para WordPress es vulnerable [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[1884],"class_list":["post-4174","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-cve-2024-5819"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v21.8 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Vulnerabilidad de Cross-Site Scripting en Gutenberg Blocks with AI by Kadence WP - SeguridadWordPress.es<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-gutenberg-blocks-with-ai-by-kadence-wp\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Vulnerabilidad de Cross-Site Scripting en Gutenberg Blocks with AI by Kadence WP - SeguridadWordPress.es\" \/>\n<meta property=\"og:description\" content=\"La vulnerabilidad CVE-2024-5819 afecta al plugin Gutenberg Blocks with AI by Kadence WP \u2013 Page Builder Features en versiones hasta 3.2.45, permitiendo a atacantes autenticados realizar ataque de Cross-Site Scripting almacenado a trav\u00e9s de atributos de datos HTML. El plugin Gutenberg Blocks with AI by Kadence WP \u2013 Page Builder Features para WordPress es vulnerable [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-gutenberg-blocks-with-ai-by-kadence-wp\/\" \/>\n<meta property=\"og:site_name\" content=\"SeguridadWordPress.es\" \/>\n<meta property=\"article:published_time\" content=\"2024-06-28T22:45:09+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-gutenberg-blocks-with-ai-by-kadence-wp\/\",\"url\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-gutenberg-blocks-with-ai-by-kadence-wp\/\",\"name\":\"Vulnerabilidad de Cross-Site Scripting en Gutenberg Blocks with AI by Kadence WP - SeguridadWordPress.es\",\"isPartOf\":{\"@id\":\"http:\/\/127.0.0.1\/#website\"},\"datePublished\":\"2024-06-28T22:45:09+00:00\",\"dateModified\":\"2024-06-28T22:45:09+00:00\",\"author\":{\"@id\":\"\"},\"breadcrumb\":{\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-gutenberg-blocks-with-ai-by-kadence-wp\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-gutenberg-blocks-with-ai-by-kadence-wp\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-gutenberg-blocks-with-ai-by-kadence-wp\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/127.0.0.1\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Vulnerabilidad de Cross-Site Scripting en Gutenberg Blocks with AI by Kadence WP\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/127.0.0.1\/#website\",\"url\":\"http:\/\/127.0.0.1\/\",\"name\":\"SeguridadWordPress.es\",\"description\":\"Recopilaci\u00f3n de vulnerabilidades WordPress.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/127.0.0.1\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Vulnerabilidad de Cross-Site Scripting en Gutenberg Blocks with AI by Kadence WP - SeguridadWordPress.es","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-gutenberg-blocks-with-ai-by-kadence-wp\/","og_locale":"en_US","og_type":"article","og_title":"Vulnerabilidad de Cross-Site Scripting en Gutenberg Blocks with AI by Kadence WP - SeguridadWordPress.es","og_description":"La vulnerabilidad CVE-2024-5819 afecta al plugin Gutenberg Blocks with AI by Kadence WP \u2013 Page Builder Features en versiones hasta 3.2.45, permitiendo a atacantes autenticados realizar ataque de Cross-Site Scripting almacenado a trav\u00e9s de atributos de datos HTML. El plugin Gutenberg Blocks with AI by Kadence WP \u2013 Page Builder Features para WordPress es vulnerable [&hellip;]","og_url":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-gutenberg-blocks-with-ai-by-kadence-wp\/","og_site_name":"SeguridadWordPress.es","article_published_time":"2024-06-28T22:45:09+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-gutenberg-blocks-with-ai-by-kadence-wp\/","url":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-gutenberg-blocks-with-ai-by-kadence-wp\/","name":"Vulnerabilidad de Cross-Site Scripting en Gutenberg Blocks with AI by Kadence WP - SeguridadWordPress.es","isPartOf":{"@id":"http:\/\/127.0.0.1\/#website"},"datePublished":"2024-06-28T22:45:09+00:00","dateModified":"2024-06-28T22:45:09+00:00","author":{"@id":""},"breadcrumb":{"@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-gutenberg-blocks-with-ai-by-kadence-wp\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-gutenberg-blocks-with-ai-by-kadence-wp\/"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-gutenberg-blocks-with-ai-by-kadence-wp\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/127.0.0.1\/"},{"@type":"ListItem","position":2,"name":"Vulnerabilidad de Cross-Site Scripting en Gutenberg Blocks with AI by Kadence WP"}]},{"@type":"WebSite","@id":"http:\/\/127.0.0.1\/#website","url":"http:\/\/127.0.0.1\/","name":"SeguridadWordPress.es","description":"Recopilaci\u00f3n de vulnerabilidades WordPress.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/127.0.0.1\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"amp_enabled":true,"_links":{"self":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/4174"}],"collection":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/comments?post=4174"}],"version-history":[{"count":0,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/4174\/revisions"}],"wp:attachment":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/media?parent=4174"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/categories?post=4174"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/tags?post=4174"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}