{"id":4344,"date":"2024-07-23T14:45:42","date_gmt":"2024-07-23T14:45:42","guid":{"rendered":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-almacenado-en-social-auto-poster-5-3-14-con-acceso-autenticado-suscriptor\/"},"modified":"2024-07-23T14:45:42","modified_gmt":"2024-07-23T14:45:42","slug":"vulnerabilidad-de-cross-site-scripting-almacenado-en-social-auto-poster-5-3-14-con-acceso-autenticado-suscriptor","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-scripting-almacenado-en-social-auto-poster-5-3-14-con-acceso-autenticado-suscriptor\/","title":{"rendered":"Vulnerabilidad de Cross-Site Scripting almacenado en Social Auto Poster <= 5.3.14 con acceso autenticado (Suscriptor+)"},"content":{"rendered":"
<\/p>\n
En este informe se detalla una vulnerabilidad en el plugin Social Auto Poster para WordPress que permite a atacantes autenticados con nivel de acceso Suscriptor y superior realizar ataques de Cross-Site Scripting almacenado mediante el par\u00e1metro ‘wp_name’ en la funci\u00f3n AJAX ‘wpw_auto_poster_map_wordpress_post_type’, presentes en todas las versiones hasta la 5.3.14. La falta de saneamiento de […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[2052],"class_list":["post-4344","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-cve-2024-6752"],"yoast_head":"\n