{"id":4698,"date":"2024-09-10T15:25:09","date_gmt":"2024-09-10T15:25:09","guid":{"rendered":"http:\/\/127.0.0.1\/post-grid-and-gutenberg-blocks-2-2-87-2-2-90-escalada-de-privilegios-subscriber\/"},"modified":"2024-09-10T15:25:09","modified_gmt":"2024-09-10T15:25:09","slug":"post-grid-and-gutenberg-blocks-2-2-87-2-2-90-escalada-de-privilegios-subscriber","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/post-grid-and-gutenberg-blocks-2-2-87-2-2-90-escalada-de-privilegios-subscriber\/","title":{"rendered":"Post Grid and Gutenberg Blocks 2.2.87 &#8211; 2.2.90 &#8211; Escalada de Privilegios (Subscriber+)"},"content":{"rendered":"<div>El plugin Post Grid and Gutenberg Blocks para WordPress es vulnerable a la escalada de privilegios en todas las versiones 2.2.87 a 2.2.90. Esto se debe a que el plugin no restringe correctamente qu\u00e9 valores de metadatos de usuario se pueden actualizar y no asegura que un formulario est\u00e9 activo. Esto permite a los atacantes autenticados, con acceso de nivel suscriptor y superior, actualizar sus metadatos de usuario para convertirse en administradores.<\/div>\n<p><\/p>\n<div>Para subsanar este problema de seguridad, se recomienda a los usuarios actualizar el plugin a la \u00faltima versi\u00f3n disponible lo antes posible. Adem\u00e1s, se sugiere restringir el acceso de los usuarios a funciones administrativas solo a aquellos que realmente lo necesiten, y revisar peri\u00f3dicamente los permisos otorgados a los roles de usuario para evitar posibles vulnerabilidades de escalada de privilegios.<\/div>\n<div>Es fundamental mantener todos los plugins y temas de WordPress actualizados para garantizar la seguridad de tu sitio web. La escalada de privilegios es un problema grave que puede comprometer la integridad de tu plataforma, por lo que es importante tomar medidas preventivas para protegerla.<\/div>\n","protected":false},"excerpt":{"rendered":"<p>El plugin Post Grid and Gutenberg Blocks para WordPress es vulnerable a la escalada de privilegios en todas las versiones 2.2.87 a 2.2.90. Esto se debe a que el plugin no restringe correctamente qu\u00e9 valores de metadatos de usuario se pueden actualizar y no asegura que un formulario est\u00e9 activo. Esto permite a los atacantes [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[2390],"class_list":["post-4698","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-cve-2024-8253"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v21.8 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Post Grid and Gutenberg Blocks 2.2.87 - 2.2.90 - Escalada de Privilegios (Subscriber+) - SeguridadWordPress.es<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/127.0.0.1\/post-grid-and-gutenberg-blocks-2-2-87-2-2-90-escalada-de-privilegios-subscriber\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Post Grid and Gutenberg Blocks 2.2.87 - 2.2.90 - Escalada de Privilegios (Subscriber+) - SeguridadWordPress.es\" \/>\n<meta property=\"og:description\" content=\"El plugin Post Grid and Gutenberg Blocks para WordPress es vulnerable a la escalada de privilegios en todas las versiones 2.2.87 a 2.2.90. Esto se debe a que el plugin no restringe correctamente qu\u00e9 valores de metadatos de usuario se pueden actualizar y no asegura que un formulario est\u00e9 activo. Esto permite a los atacantes [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"http:\/\/127.0.0.1\/post-grid-and-gutenberg-blocks-2-2-87-2-2-90-escalada-de-privilegios-subscriber\/\" \/>\n<meta property=\"og:site_name\" content=\"SeguridadWordPress.es\" \/>\n<meta property=\"article:published_time\" content=\"2024-09-10T15:25:09+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"http:\/\/127.0.0.1\/post-grid-and-gutenberg-blocks-2-2-87-2-2-90-escalada-de-privilegios-subscriber\/\",\"url\":\"http:\/\/127.0.0.1\/post-grid-and-gutenberg-blocks-2-2-87-2-2-90-escalada-de-privilegios-subscriber\/\",\"name\":\"Post Grid and Gutenberg Blocks 2.2.87 - 2.2.90 - Escalada de Privilegios (Subscriber+) - SeguridadWordPress.es\",\"isPartOf\":{\"@id\":\"http:\/\/127.0.0.1\/#website\"},\"datePublished\":\"2024-09-10T15:25:09+00:00\",\"dateModified\":\"2024-09-10T15:25:09+00:00\",\"author\":{\"@id\":\"\"},\"breadcrumb\":{\"@id\":\"http:\/\/127.0.0.1\/post-grid-and-gutenberg-blocks-2-2-87-2-2-90-escalada-de-privilegios-subscriber\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/127.0.0.1\/post-grid-and-gutenberg-blocks-2-2-87-2-2-90-escalada-de-privilegios-subscriber\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/127.0.0.1\/post-grid-and-gutenberg-blocks-2-2-87-2-2-90-escalada-de-privilegios-subscriber\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/127.0.0.1\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Post Grid and Gutenberg Blocks 2.2.87 &#8211; 2.2.90 &#8211; Escalada de Privilegios (Subscriber+)\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/127.0.0.1\/#website\",\"url\":\"http:\/\/127.0.0.1\/\",\"name\":\"SeguridadWordPress.es\",\"description\":\"Recopilaci\u00f3n de vulnerabilidades WordPress.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/127.0.0.1\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Post Grid and Gutenberg Blocks 2.2.87 - 2.2.90 - Escalada de Privilegios (Subscriber+) - SeguridadWordPress.es","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/127.0.0.1\/post-grid-and-gutenberg-blocks-2-2-87-2-2-90-escalada-de-privilegios-subscriber\/","og_locale":"en_US","og_type":"article","og_title":"Post Grid and Gutenberg Blocks 2.2.87 - 2.2.90 - Escalada de Privilegios (Subscriber+) - SeguridadWordPress.es","og_description":"El plugin Post Grid and Gutenberg Blocks para WordPress es vulnerable a la escalada de privilegios en todas las versiones 2.2.87 a 2.2.90. Esto se debe a que el plugin no restringe correctamente qu\u00e9 valores de metadatos de usuario se pueden actualizar y no asegura que un formulario est\u00e9 activo. Esto permite a los atacantes [&hellip;]","og_url":"http:\/\/127.0.0.1\/post-grid-and-gutenberg-blocks-2-2-87-2-2-90-escalada-de-privilegios-subscriber\/","og_site_name":"SeguridadWordPress.es","article_published_time":"2024-09-10T15:25:09+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"http:\/\/127.0.0.1\/post-grid-and-gutenberg-blocks-2-2-87-2-2-90-escalada-de-privilegios-subscriber\/","url":"http:\/\/127.0.0.1\/post-grid-and-gutenberg-blocks-2-2-87-2-2-90-escalada-de-privilegios-subscriber\/","name":"Post Grid and Gutenberg Blocks 2.2.87 - 2.2.90 - Escalada de Privilegios (Subscriber+) - SeguridadWordPress.es","isPartOf":{"@id":"http:\/\/127.0.0.1\/#website"},"datePublished":"2024-09-10T15:25:09+00:00","dateModified":"2024-09-10T15:25:09+00:00","author":{"@id":""},"breadcrumb":{"@id":"http:\/\/127.0.0.1\/post-grid-and-gutenberg-blocks-2-2-87-2-2-90-escalada-de-privilegios-subscriber\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/127.0.0.1\/post-grid-and-gutenberg-blocks-2-2-87-2-2-90-escalada-de-privilegios-subscriber\/"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/127.0.0.1\/post-grid-and-gutenberg-blocks-2-2-87-2-2-90-escalada-de-privilegios-subscriber\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/127.0.0.1\/"},{"@type":"ListItem","position":2,"name":"Post Grid and Gutenberg Blocks 2.2.87 &#8211; 2.2.90 &#8211; Escalada de Privilegios (Subscriber+)"}]},{"@type":"WebSite","@id":"http:\/\/127.0.0.1\/#website","url":"http:\/\/127.0.0.1\/","name":"SeguridadWordPress.es","description":"Recopilaci\u00f3n de vulnerabilidades WordPress.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/127.0.0.1\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"amp_enabled":true,"_links":{"self":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/4698"}],"collection":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/comments?post=4698"}],"version-history":[{"count":0,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/4698\/revisions"}],"wp:attachment":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/media?parent=4698"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/categories?post=4698"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/tags?post=4698"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}