{"id":4358,"date":"2024-07-24T07:45:07","date_gmt":"2024-07-24T07:45:07","guid":{"rendered":"http:\/\/127.0.0.1\/vulnerabilidad-de-xss-almacenado-en-all-in-one-video-gallery-3-7-1-a-traves-del-shortcode-de-video\/"},"modified":"2024-07-24T07:45:07","modified_gmt":"2024-07-24T07:45:07","slug":"vulnerabilidad-de-xss-almacenado-en-all-in-one-video-gallery-3-7-1-a-traves-del-shortcode-de-video","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/vulnerabilidad-de-xss-almacenado-en-all-in-one-video-gallery-3-7-1-a-traves-del-shortcode-de-video\/","title":{"rendered":"Vulnerabilidad de XSS almacenado en All-in-One Video Gallery <= 3.7.1 a trav\u00e9s del shortcode de video"},"content":{"rendered":"
<\/p>\n
El plugin All-in-One Video Gallery para WordPress es vulnerable a XSS almacenado a trav\u00e9s del shortcode de video en todas las versiones hasta, e incluyendo, la 3.7.1 debido a una sanitizaci\u00f3n insuficiente de la entrada y a una escapada insuficiente de la salida en los atributos proporcionados por el usuario. Esto permite a atacantes autenticados, […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[2066],"class_list":["post-4358","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-cve-2024-6629"],"yoast_head":"\n