{"id":4281,"date":"2024-07-15T17:45:08","date_gmt":"2024-07-15T17:45:08","guid":{"rendered":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-image-hover-effects-elementor-addon\/"},"modified":"2024-07-15T17:45:08","modified_gmt":"2024-07-15T17:45:08","slug":"vulnerabilidad-de-cross-site-scripting-en-image-hover-effects-elementor-addon","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-image-hover-effects-elementor-addon\/","title":{"rendered":"Vulnerabilidad de Cross-Site Scripting en Image Hover Effects \u2013 Elementor Addon"},"content":{"rendered":"<div>Se ha identificado una vulnerabilidad de Cross-Site Scripting en el plugin de WordPress Image Hover Effects \u2013 Elementor Addon, la cual afecta a todas las versiones hasta la 1.4.3. Esta vulnerabilidad permite a atacantes autenticados con nivel de acceso de Contribuidor o superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cuando un usuario acceda a esa p\u00e1gina comprometida.<\/div>\n<p><\/p>\n<div>La vulnerabilidad radica en la falta de sanitizaci\u00f3n de la entrada y escape de la salida del par\u00e1metro &#8216;eihe_link&#8217;, lo que permite a los atacantes almacenar y ejecutar scripts maliciosos en las p\u00e1ginas web. Para mitigar este riesgo, se recomienda a los usuarios actualizar a la versi\u00f3n m\u00e1s reciente del plugin tan pronto como est\u00e9 disponible. Adem\u00e1s, se aconseja a los administradores de sitios web realizar controles de seguridad peri\u00f3dicos para detectar posibles vulnerabilidades en plugins y temas instalados.<\/div>\n<div>Es fundamental mantener actualizados todos los plugins y temas de WordPress para protegerse contra posibles vulnerabilidades de seguridad como esta. La seguridad en WordPress es responsabilidad de todos los involucrados en la administraci\u00f3n de un sitio web, por lo que es crucial estar al tanto de las \u00faltimas actualizaciones y mejores pr\u00e1cticas en seguridad.<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Se ha identificado una vulnerabilidad de Cross-Site Scripting en el plugin de WordPress Image Hover Effects \u2013 Elementor Addon, la cual afecta a todas las versiones hasta la 1.4.3. Esta vulnerabilidad permite a atacantes autenticados con nivel de acceso de Contribuidor o superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cuando un usuario [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[1989],"class_list":["post-4281","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-cve-2024-4780"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v21.8 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Vulnerabilidad de Cross-Site Scripting en Image Hover Effects \u2013 Elementor Addon - SeguridadWordPress.es<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-image-hover-effects-elementor-addon\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Vulnerabilidad de Cross-Site Scripting en Image Hover Effects \u2013 Elementor Addon - SeguridadWordPress.es\" \/>\n<meta property=\"og:description\" content=\"Se ha identificado una vulnerabilidad de Cross-Site Scripting en el plugin de WordPress Image Hover Effects \u2013 Elementor Addon, la cual afecta a todas las versiones hasta la 1.4.3. Esta vulnerabilidad permite a atacantes autenticados con nivel de acceso de Contribuidor o superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cuando un usuario [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-image-hover-effects-elementor-addon\/\" \/>\n<meta property=\"og:site_name\" content=\"SeguridadWordPress.es\" \/>\n<meta property=\"article:published_time\" content=\"2024-07-15T17:45:08+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-image-hover-effects-elementor-addon\/\",\"url\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-image-hover-effects-elementor-addon\/\",\"name\":\"Vulnerabilidad de Cross-Site Scripting en Image Hover Effects \u2013 Elementor Addon - SeguridadWordPress.es\",\"isPartOf\":{\"@id\":\"http:\/\/127.0.0.1\/#website\"},\"datePublished\":\"2024-07-15T17:45:08+00:00\",\"dateModified\":\"2024-07-15T17:45:08+00:00\",\"author\":{\"@id\":\"\"},\"breadcrumb\":{\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-image-hover-effects-elementor-addon\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-image-hover-effects-elementor-addon\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-image-hover-effects-elementor-addon\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/127.0.0.1\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Vulnerabilidad de Cross-Site Scripting en Image Hover Effects \u2013 Elementor Addon\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/127.0.0.1\/#website\",\"url\":\"http:\/\/127.0.0.1\/\",\"name\":\"SeguridadWordPress.es\",\"description\":\"Recopilaci\u00f3n de vulnerabilidades WordPress.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/127.0.0.1\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Vulnerabilidad de Cross-Site Scripting en Image Hover Effects \u2013 Elementor Addon - SeguridadWordPress.es","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-image-hover-effects-elementor-addon\/","og_locale":"en_US","og_type":"article","og_title":"Vulnerabilidad de Cross-Site Scripting en Image Hover Effects \u2013 Elementor Addon - SeguridadWordPress.es","og_description":"Se ha identificado una vulnerabilidad de Cross-Site Scripting en el plugin de WordPress Image Hover Effects \u2013 Elementor Addon, la cual afecta a todas las versiones hasta la 1.4.3. Esta vulnerabilidad permite a atacantes autenticados con nivel de acceso de Contribuidor o superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cuando un usuario [&hellip;]","og_url":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-image-hover-effects-elementor-addon\/","og_site_name":"SeguridadWordPress.es","article_published_time":"2024-07-15T17:45:08+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-image-hover-effects-elementor-addon\/","url":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-image-hover-effects-elementor-addon\/","name":"Vulnerabilidad de Cross-Site Scripting en Image Hover Effects \u2013 Elementor Addon - SeguridadWordPress.es","isPartOf":{"@id":"http:\/\/127.0.0.1\/#website"},"datePublished":"2024-07-15T17:45:08+00:00","dateModified":"2024-07-15T17:45:08+00:00","author":{"@id":""},"breadcrumb":{"@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-image-hover-effects-elementor-addon\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-image-hover-effects-elementor-addon\/"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-en-image-hover-effects-elementor-addon\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/127.0.0.1\/"},{"@type":"ListItem","position":2,"name":"Vulnerabilidad de Cross-Site Scripting en Image Hover Effects \u2013 Elementor Addon"}]},{"@type":"WebSite","@id":"http:\/\/127.0.0.1\/#website","url":"http:\/\/127.0.0.1\/","name":"SeguridadWordPress.es","description":"Recopilaci\u00f3n de vulnerabilidades WordPress.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/127.0.0.1\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"amp_enabled":true,"_links":{"self":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/4281"}],"collection":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/comments?post=4281"}],"version-history":[{"count":0,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/4281\/revisions"}],"wp:attachment":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/media?parent=4281"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/categories?post=4281"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/tags?post=4281"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}