{"id":4312,"date":"2024-07-17T14:45:11","date_gmt":"2024-07-17T14:45:11","guid":{"rendered":"http:\/\/127.0.0.1\/historial-de-eventos-de-linea-de-tiempo-3-1-inyeccion-de-objetos-php-autenticada-contributor\/"},"modified":"2024-07-17T14:45:11","modified_gmt":"2024-07-17T14:45:11","slug":"historial-de-eventos-de-linea-de-tiempo-3-1-inyeccion-de-objetos-php-autenticada-contributor","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/historial-de-eventos-de-linea-de-tiempo-3-1-inyeccion-de-objetos-php-autenticada-contributor\/","title":{"rendered":"Historial de Eventos de L\u00ednea de Tiempo <= 3.1 – Inyecci\u00f3n de Objetos PHP Autenticada (Contributor+)"},"content":{"rendered":"
<\/p>\n
El plugin de Historial de Eventos de L\u00ednea de Tiempo para WordPress es vulnerable a Inyecci\u00f3n de Objetos PHP en todas las versiones hasta, e incluyendo, la 3.1 a trav\u00e9s de la deserializaci\u00f3n de la entrada no confiable del par\u00e1metro ‘timelines-data’. Esto hace posible que atacantes autenticados, con acceso de nivel Contributor y superior, inyecten […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[2020],"class_list":["post-4312","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-cve-2024-5726"],"yoast_head":"\n