{"id":4318,"date":"2024-07-17T20:45:17","date_gmt":"2024-07-17T20:45:17","guid":{"rendered":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-almacenado-en-element-pack-elementor-addons-5-6-5\/"},"modified":"2024-07-17T20:45:17","modified_gmt":"2024-07-17T20:45:17","slug":"vulnerabilidad-de-cross-site-scripting-almacenado-en-element-pack-elementor-addons-5-6-5","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-almacenado-en-element-pack-elementor-addons-5-6-5\/","title":{"rendered":"Vulnerabilidad de Cross-Site Scripting almacenado en Element Pack Elementor Addons <= 5.6.5"},"content":{"rendered":"
El plugin Element Pack Elementor Addons para WordPress es vulnerable a Cross-Site Scripting almacenado a trav\u00e9s del par\u00e1metro ‘social-link-title’ en todas las versiones hasta la 5.6.5 debido a una insuficiente sanitizaci\u00f3n de entradas y escape de salida. Esto permite a atacantes autenticados, con acceso a nivel de Contribuidor y superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cuando un usuario acceda a la p\u00e1gina inyectada.<\/div>\n

<\/p>\n

Los usuarios afectados por esta vulnerabilidad deben actualizar urgentemente el plugin a la versi\u00f3n m\u00e1s reciente disponible, en este caso, la 5.6.6 o superior. Adem\u00e1s, se recomienda a los administradores del sitio asegurarse de que todos los usuarios tengan el nivel de acceso m\u00e1s bajo posible para reducir el riesgo de explotaci\u00f3n de esta vulnerabilidad. Tambi\u00e9n es importante que se implementen filtros de seguridad adicionales en el sitio para detectar posibles intentos de inyecci\u00f3n de scripts.<\/div>\n
Es fundamental tomar medidas proactivas para protegerse contra vulnerabilidades como esta y mantener siempre actualizados los plugins de WordPress para mitigar posibles riesgos de seguridad.<\/div>\n","protected":false},"excerpt":{"rendered":"

El plugin Element Pack Elementor Addons para WordPress es vulnerable a Cross-Site Scripting almacenado a trav\u00e9s del par\u00e1metro ‘social-link-title’ en todas las versiones hasta la 5.6.5 debido a una insuficiente sanitizaci\u00f3n de entradas y escape de salida. Esto permite a atacantes autenticados, con acceso a nivel de Contribuidor y superior, inyectar scripts web arbitrarios en […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[2026],"class_list":["post-4318","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-cve-2024-5555"],"yoast_head":"\nVulnerabilidad de Cross-Site Scripting almacenado en Element Pack Elementor Addons <= 5.6.5 - SeguridadWordPress.es<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-almacenado-en-element-pack-elementor-addons-5-6-5\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Vulnerabilidad de Cross-Site Scripting almacenado en Element Pack Elementor Addons <= 5.6.5 - SeguridadWordPress.es\" \/>\n<meta property=\"og:description\" content=\"El plugin Element Pack Elementor Addons para WordPress es vulnerable a Cross-Site Scripting almacenado a trav\u00e9s del par\u00e1metro ‘social-link-title’ en todas las versiones hasta la 5.6.5 debido a una insuficiente sanitizaci\u00f3n de entradas y escape de salida. Esto permite a atacantes autenticados, con acceso a nivel de Contribuidor y superior, inyectar scripts web arbitrarios en […]\" \/>\n<meta property=\"og:url\" content=\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-almacenado-en-element-pack-elementor-addons-5-6-5\/\" \/>\n<meta property=\"og:site_name\" content=\"SeguridadWordPress.es\" \/>\n<meta property=\"article:published_time\" content=\"2024-07-17T20:45:17+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-almacenado-en-element-pack-elementor-addons-5-6-5\/\",\"url\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-almacenado-en-element-pack-elementor-addons-5-6-5\/\",\"name\":\"Vulnerabilidad de Cross-Site Scripting almacenado en Element Pack Elementor Addons <= 5.6.5 - SeguridadWordPress.es\",\"isPartOf\":{\"@id\":\"http:\/\/127.0.0.1\/#website\"},\"datePublished\":\"2024-07-17T20:45:17+00:00\",\"dateModified\":\"2024-07-17T20:45:17+00:00\",\"author\":{\"@id\":\"\"},\"breadcrumb\":{\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-almacenado-en-element-pack-elementor-addons-5-6-5\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-almacenado-en-element-pack-elementor-addons-5-6-5\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-almacenado-en-element-pack-elementor-addons-5-6-5\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/127.0.0.1\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Vulnerabilidad de Cross-Site Scripting almacenado en Element Pack Elementor Addons <= 5.6.5\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/127.0.0.1\/#website\",\"url\":\"http:\/\/127.0.0.1\/\",\"name\":\"SeguridadWordPress.es\",\"description\":\"Recopilaci\u00f3n de vulnerabilidades WordPress.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/127.0.0.1\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Vulnerabilidad de Cross-Site Scripting almacenado en Element Pack Elementor Addons <= 5.6.5 - SeguridadWordPress.es","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-almacenado-en-element-pack-elementor-addons-5-6-5\/","og_locale":"en_US","og_type":"article","og_title":"Vulnerabilidad de Cross-Site Scripting almacenado en Element Pack Elementor Addons <= 5.6.5 - SeguridadWordPress.es","og_description":"El plugin Element Pack Elementor Addons para WordPress es vulnerable a Cross-Site Scripting almacenado a trav\u00e9s del par\u00e1metro ‘social-link-title’ en todas las versiones hasta la 5.6.5 debido a una insuficiente sanitizaci\u00f3n de entradas y escape de salida. Esto permite a atacantes autenticados, con acceso a nivel de Contribuidor y superior, inyectar scripts web arbitrarios en […]","og_url":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-almacenado-en-element-pack-elementor-addons-5-6-5\/","og_site_name":"SeguridadWordPress.es","article_published_time":"2024-07-17T20:45:17+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-almacenado-en-element-pack-elementor-addons-5-6-5\/","url":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-almacenado-en-element-pack-elementor-addons-5-6-5\/","name":"Vulnerabilidad de Cross-Site Scripting almacenado en Element Pack Elementor Addons <= 5.6.5 - SeguridadWordPress.es","isPartOf":{"@id":"http:\/\/127.0.0.1\/#website"},"datePublished":"2024-07-17T20:45:17+00:00","dateModified":"2024-07-17T20:45:17+00:00","author":{"@id":""},"breadcrumb":{"@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-almacenado-en-element-pack-elementor-addons-5-6-5\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-almacenado-en-element-pack-elementor-addons-5-6-5\/"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-almacenado-en-element-pack-elementor-addons-5-6-5\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/127.0.0.1\/"},{"@type":"ListItem","position":2,"name":"Vulnerabilidad de Cross-Site Scripting almacenado en Element Pack Elementor Addons <= 5.6.5"}]},{"@type":"WebSite","@id":"http:\/\/127.0.0.1\/#website","url":"http:\/\/127.0.0.1\/","name":"SeguridadWordPress.es","description":"Recopilaci\u00f3n de vulnerabilidades WordPress.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/127.0.0.1\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"amp_enabled":true,"_links":{"self":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/4318"}],"collection":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/comments?post=4318"}],"version-history":[{"count":0,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/4318\/revisions"}],"wp:attachment":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/media?parent=4318"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/categories?post=4318"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/tags?post=4318"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}