{"id":4516,"date":"2024-08-16T21:35:21","date_gmt":"2024-08-16T21:35:21","guid":{"rendered":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-request-forgery-en-bricks-1-8-1-a-traves-de-save_settings\/"},"modified":"2024-08-16T21:35:21","modified_gmt":"2024-08-16T21:35:21","slug":"vulnerabilidad-de-cross-site-request-forgery-en-bricks-1-8-1-a-traves-de-save_settings","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/vulnerabilidad-de-cross-site-request-forgery-en-bricks-1-8-1-a-traves-de-save_settings\/","title":{"rendered":"Vulnerabilidad de Cross-Site Request Forgery en Bricks <= 1.8.1 a trav\u00e9s de save_settings"},"content":{"rendered":"
<\/p>\n
La vulnerabilidad de Cross-Site Request Forgery (CSRF) en el tema Bricks para WordPress en versiones hasta, e incluyendo, la 1.8.1 permite a atacantes no autenticados modificar la configuraci\u00f3n del tema, incluyendo la habilitaci\u00f3n de una opci\u00f3n que permite a usuarios de menor privilegio como colaboradores ejecutar c\u00f3digo, a trav\u00e9s de una solicitud falsificada si logran […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[2213],"class_list":["post-4516","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-cve-2023-3408"],"yoast_head":"\n