{"id":4482,"date":"2024-08-14T16:35:09","date_gmt":"2024-08-14T16:35:09","guid":{"rendered":"http:\/\/127.0.0.1\/vulnerabilidad-de-reflected-cross-site-scripting-en-wc-marketplace-4-1-17\/"},"modified":"2024-08-14T16:35:09","modified_gmt":"2024-08-14T16:35:09","slug":"vulnerabilidad-de-reflected-cross-site-scripting-en-wc-marketplace-4-1-17","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/vulnerabilidad-de-reflected-cross-site-scripting-en-wc-marketplace-4-1-17\/","title":{"rendered":"Vulnerabilidad de Reflected Cross-Site Scripting en WC Marketplace <= 4.1.17"},"content":{"rendered":"
La vulnerabilidad de Reflected Cross-Site Scripting en el plugin WC Marketplace para WordPress hasta la versi\u00f3n 4.1.17 pone en riesgo la seguridad de los sitios web que lo utilizan. Esta vulnerabilidad se debe a una deficiente sanitizaci\u00f3n de entrada y escape de salida, lo que permite a atacantes no autenticados inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace.<\/div>\n

<\/p>\n

Para subsanar esta vulnerabilidad, se recomienda a los usuarios actualizar el plugin WC Marketplace a una versi\u00f3n m\u00e1s reciente que haya corregido este problema. Adem\u00e1s, se sugiere implementar medidas adicionales de seguridad en WordPress, como la limitaci\u00f3n de permisos de usuario, el uso de plugins de seguridad y realizar auditor\u00edas regulares en busca de vulnerabilidades.<\/div>\n
Es fundamental que los administradores de sitios web que utilizan WC Marketplace est\u00e9n al tanto de esta vulnerabilidad y tomen las medidas necesarias para proteger su sitio. Mantener todos los plugins y temas actualizados, junto con buenas pr\u00e1cticas de seguridad, es crucial para prevenir ataques de este tipo.<\/div>\n","protected":false},"excerpt":{"rendered":"

La vulnerabilidad de Reflected Cross-Site Scripting en el plugin WC Marketplace para WordPress hasta la versi\u00f3n 4.1.17 pone en riesgo la seguridad de los sitios web que lo utilizan. Esta vulnerabilidad se debe a una deficiente sanitizaci\u00f3n de entrada y escape de salida, lo que permite a atacantes no autenticados inyectar scripts web arbitrarios en […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[2179],"class_list":["post-4482","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-cve-2024-43213"],"yoast_head":"\nVulnerabilidad de Reflected Cross-Site Scripting en WC Marketplace <= 4.1.17 - SeguridadWordPress.es<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/127.0.0.1\/vulnerabilidad-de-reflected-cross-site-scripting-en-wc-marketplace-4-1-17\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Vulnerabilidad de Reflected Cross-Site Scripting en WC Marketplace <= 4.1.17 - SeguridadWordPress.es\" \/>\n<meta property=\"og:description\" content=\"La vulnerabilidad de Reflected Cross-Site Scripting en el plugin WC Marketplace para WordPress hasta la versi\u00f3n 4.1.17 pone en riesgo la seguridad de los sitios web que lo utilizan. Esta vulnerabilidad se debe a una deficiente sanitizaci\u00f3n de entrada y escape de salida, lo que permite a atacantes no autenticados inyectar scripts web arbitrarios en […]\" \/>\n<meta property=\"og:url\" content=\"http:\/\/127.0.0.1\/vulnerabilidad-de-reflected-cross-site-scripting-en-wc-marketplace-4-1-17\/\" \/>\n<meta property=\"og:site_name\" content=\"SeguridadWordPress.es\" \/>\n<meta property=\"article:published_time\" content=\"2024-08-14T16:35:09+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-reflected-cross-site-scripting-en-wc-marketplace-4-1-17\/\",\"url\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-reflected-cross-site-scripting-en-wc-marketplace-4-1-17\/\",\"name\":\"Vulnerabilidad de Reflected Cross-Site Scripting en WC Marketplace <= 4.1.17 - SeguridadWordPress.es\",\"isPartOf\":{\"@id\":\"http:\/\/127.0.0.1\/#website\"},\"datePublished\":\"2024-08-14T16:35:09+00:00\",\"dateModified\":\"2024-08-14T16:35:09+00:00\",\"author\":{\"@id\":\"\"},\"breadcrumb\":{\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-reflected-cross-site-scripting-en-wc-marketplace-4-1-17\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/127.0.0.1\/vulnerabilidad-de-reflected-cross-site-scripting-en-wc-marketplace-4-1-17\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-reflected-cross-site-scripting-en-wc-marketplace-4-1-17\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/127.0.0.1\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Vulnerabilidad de Reflected Cross-Site Scripting en WC Marketplace <= 4.1.17\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/127.0.0.1\/#website\",\"url\":\"http:\/\/127.0.0.1\/\",\"name\":\"SeguridadWordPress.es\",\"description\":\"Recopilaci\u00f3n de vulnerabilidades WordPress.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/127.0.0.1\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Vulnerabilidad de Reflected Cross-Site Scripting en WC Marketplace <= 4.1.17 - SeguridadWordPress.es","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/127.0.0.1\/vulnerabilidad-de-reflected-cross-site-scripting-en-wc-marketplace-4-1-17\/","og_locale":"en_US","og_type":"article","og_title":"Vulnerabilidad de Reflected Cross-Site Scripting en WC Marketplace <= 4.1.17 - SeguridadWordPress.es","og_description":"La vulnerabilidad de Reflected Cross-Site Scripting en el plugin WC Marketplace para WordPress hasta la versi\u00f3n 4.1.17 pone en riesgo la seguridad de los sitios web que lo utilizan. Esta vulnerabilidad se debe a una deficiente sanitizaci\u00f3n de entrada y escape de salida, lo que permite a atacantes no autenticados inyectar scripts web arbitrarios en […]","og_url":"http:\/\/127.0.0.1\/vulnerabilidad-de-reflected-cross-site-scripting-en-wc-marketplace-4-1-17\/","og_site_name":"SeguridadWordPress.es","article_published_time":"2024-08-14T16:35:09+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-reflected-cross-site-scripting-en-wc-marketplace-4-1-17\/","url":"http:\/\/127.0.0.1\/vulnerabilidad-de-reflected-cross-site-scripting-en-wc-marketplace-4-1-17\/","name":"Vulnerabilidad de Reflected Cross-Site Scripting en WC Marketplace <= 4.1.17 - SeguridadWordPress.es","isPartOf":{"@id":"http:\/\/127.0.0.1\/#website"},"datePublished":"2024-08-14T16:35:09+00:00","dateModified":"2024-08-14T16:35:09+00:00","author":{"@id":""},"breadcrumb":{"@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-reflected-cross-site-scripting-en-wc-marketplace-4-1-17\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/127.0.0.1\/vulnerabilidad-de-reflected-cross-site-scripting-en-wc-marketplace-4-1-17\/"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-reflected-cross-site-scripting-en-wc-marketplace-4-1-17\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/127.0.0.1\/"},{"@type":"ListItem","position":2,"name":"Vulnerabilidad de Reflected Cross-Site Scripting en WC Marketplace <= 4.1.17"}]},{"@type":"WebSite","@id":"http:\/\/127.0.0.1\/#website","url":"http:\/\/127.0.0.1\/","name":"SeguridadWordPress.es","description":"Recopilaci\u00f3n de vulnerabilidades WordPress.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/127.0.0.1\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"amp_enabled":true,"_links":{"self":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/4482"}],"collection":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/comments?post=4482"}],"version-history":[{"count":0,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/4482\/revisions"}],"wp:attachment":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/media?parent=4482"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/categories?post=4482"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/tags?post=4482"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}