{"id":4703,"date":"2024-09-10T21:25:07","date_gmt":"2024-09-10T21:25:07","guid":{"rendered":"http:\/\/127.0.0.1\/vulnerabilidad-de-bypass-de-autenticacion-en-woocommerce-photo-reviews-premium-1-3-13-2\/"},"modified":"2024-09-10T21:25:07","modified_gmt":"2024-09-10T21:25:07","slug":"vulnerabilidad-de-bypass-de-autenticacion-en-woocommerce-photo-reviews-premium-1-3-13-2","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/vulnerabilidad-de-bypass-de-autenticacion-en-woocommerce-photo-reviews-premium-1-3-13-2\/","title":{"rendered":"Vulnerabilidad de Bypass de Autenticaci\u00f3n en WooCommerce Photo Reviews Premium <= 1.3.13.2"},"content":{"rendered":"
La vulnerabilidad de autenticaci\u00f3n bypass en el plugin WooCommerce Photo Reviews Premium para WordPress pone en riesgo la seguridad de los sitios web que lo utilizan.<\/div>\n

<\/p>\n

El plugin WooCommerce Photo Reviews Premium para WordPress es vulnerable a la autenticaci\u00f3n bypass en todas las versiones hasta, e incluyendo, la 1.3.13.2. Esto se debe a que el plugin no valida correctamente qu\u00e9 transitorios de usuario se utilizan en la funci\u00f3n login() y no verifica correctamente la identidad del usuario. Esto permite que atacantes no autenticados inicien sesi\u00f3n como usuario que ha desestimado un aviso de administrador en los \u00faltimos 30 d\u00edas, que suele ser un administrador. Alternativamente, un usuario puede iniciar sesi\u00f3n como cualquier usuario con cualquier transitorio que tenga un user_id v\u00e1lido como valor, aunque ser\u00eda m\u00e1s dif\u00edcil explotar esto con \u00e9xito.<\/div>\n
Es crucial que los usuarios actualicen a la versi\u00f3n m\u00e1s reciente del plugin WooCommerce Photo Reviews Premium y refuercen la seguridad de sus sitios web aplicando pr\u00e1cticas recomendadas, como la implementaci\u00f3n de autenticaci\u00f3n de dos factores y la supervisi\u00f3n constante de posibles actividades maliciosas.<\/div>\n","protected":false},"excerpt":{"rendered":"

La vulnerabilidad de autenticaci\u00f3n bypass en el plugin WooCommerce Photo Reviews Premium para WordPress pone en riesgo la seguridad de los sitios web que lo utilizan. El plugin WooCommerce Photo Reviews Premium para WordPress es vulnerable a la autenticaci\u00f3n bypass en todas las versiones hasta, e incluyendo, la 1.3.13.2. Esto se debe a que el […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[2395],"class_list":["post-4703","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-cve-2024-8277"],"yoast_head":"\nVulnerabilidad de Bypass de Autenticaci\u00f3n en WooCommerce Photo Reviews Premium <= 1.3.13.2 - SeguridadWordPress.es<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/127.0.0.1\/vulnerabilidad-de-bypass-de-autenticacion-en-woocommerce-photo-reviews-premium-1-3-13-2\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Vulnerabilidad de Bypass de Autenticaci\u00f3n en WooCommerce Photo Reviews Premium <= 1.3.13.2 - SeguridadWordPress.es\" \/>\n<meta property=\"og:description\" content=\"La vulnerabilidad de autenticaci\u00f3n bypass en el plugin WooCommerce Photo Reviews Premium para WordPress pone en riesgo la seguridad de los sitios web que lo utilizan. El plugin WooCommerce Photo Reviews Premium para WordPress es vulnerable a la autenticaci\u00f3n bypass en todas las versiones hasta, e incluyendo, la 1.3.13.2. Esto se debe a que el […]\" \/>\n<meta property=\"og:url\" content=\"http:\/\/127.0.0.1\/vulnerabilidad-de-bypass-de-autenticacion-en-woocommerce-photo-reviews-premium-1-3-13-2\/\" \/>\n<meta property=\"og:site_name\" content=\"SeguridadWordPress.es\" \/>\n<meta property=\"article:published_time\" content=\"2024-09-10T21:25:07+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-bypass-de-autenticacion-en-woocommerce-photo-reviews-premium-1-3-13-2\/\",\"url\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-bypass-de-autenticacion-en-woocommerce-photo-reviews-premium-1-3-13-2\/\",\"name\":\"Vulnerabilidad de Bypass de Autenticaci\u00f3n en WooCommerce Photo Reviews Premium <= 1.3.13.2 - SeguridadWordPress.es\",\"isPartOf\":{\"@id\":\"http:\/\/127.0.0.1\/#website\"},\"datePublished\":\"2024-09-10T21:25:07+00:00\",\"dateModified\":\"2024-09-10T21:25:07+00:00\",\"author\":{\"@id\":\"\"},\"breadcrumb\":{\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-bypass-de-autenticacion-en-woocommerce-photo-reviews-premium-1-3-13-2\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/127.0.0.1\/vulnerabilidad-de-bypass-de-autenticacion-en-woocommerce-photo-reviews-premium-1-3-13-2\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/127.0.0.1\/vulnerabilidad-de-bypass-de-autenticacion-en-woocommerce-photo-reviews-premium-1-3-13-2\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/127.0.0.1\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Vulnerabilidad de Bypass de Autenticaci\u00f3n en WooCommerce Photo Reviews Premium <= 1.3.13.2\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/127.0.0.1\/#website\",\"url\":\"http:\/\/127.0.0.1\/\",\"name\":\"SeguridadWordPress.es\",\"description\":\"Recopilaci\u00f3n de vulnerabilidades WordPress.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/127.0.0.1\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Vulnerabilidad de Bypass de Autenticaci\u00f3n en WooCommerce Photo Reviews Premium <= 1.3.13.2 - SeguridadWordPress.es","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/127.0.0.1\/vulnerabilidad-de-bypass-de-autenticacion-en-woocommerce-photo-reviews-premium-1-3-13-2\/","og_locale":"en_US","og_type":"article","og_title":"Vulnerabilidad de Bypass de Autenticaci\u00f3n en WooCommerce Photo Reviews Premium <= 1.3.13.2 - SeguridadWordPress.es","og_description":"La vulnerabilidad de autenticaci\u00f3n bypass en el plugin WooCommerce Photo Reviews Premium para WordPress pone en riesgo la seguridad de los sitios web que lo utilizan. El plugin WooCommerce Photo Reviews Premium para WordPress es vulnerable a la autenticaci\u00f3n bypass en todas las versiones hasta, e incluyendo, la 1.3.13.2. Esto se debe a que el […]","og_url":"http:\/\/127.0.0.1\/vulnerabilidad-de-bypass-de-autenticacion-en-woocommerce-photo-reviews-premium-1-3-13-2\/","og_site_name":"SeguridadWordPress.es","article_published_time":"2024-09-10T21:25:07+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-bypass-de-autenticacion-en-woocommerce-photo-reviews-premium-1-3-13-2\/","url":"http:\/\/127.0.0.1\/vulnerabilidad-de-bypass-de-autenticacion-en-woocommerce-photo-reviews-premium-1-3-13-2\/","name":"Vulnerabilidad de Bypass de Autenticaci\u00f3n en WooCommerce Photo Reviews Premium <= 1.3.13.2 - SeguridadWordPress.es","isPartOf":{"@id":"http:\/\/127.0.0.1\/#website"},"datePublished":"2024-09-10T21:25:07+00:00","dateModified":"2024-09-10T21:25:07+00:00","author":{"@id":""},"breadcrumb":{"@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-bypass-de-autenticacion-en-woocommerce-photo-reviews-premium-1-3-13-2\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/127.0.0.1\/vulnerabilidad-de-bypass-de-autenticacion-en-woocommerce-photo-reviews-premium-1-3-13-2\/"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/127.0.0.1\/vulnerabilidad-de-bypass-de-autenticacion-en-woocommerce-photo-reviews-premium-1-3-13-2\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/127.0.0.1\/"},{"@type":"ListItem","position":2,"name":"Vulnerabilidad de Bypass de Autenticaci\u00f3n en WooCommerce Photo Reviews Premium <= 1.3.13.2"}]},{"@type":"WebSite","@id":"http:\/\/127.0.0.1\/#website","url":"http:\/\/127.0.0.1\/","name":"SeguridadWordPress.es","description":"Recopilaci\u00f3n de vulnerabilidades WordPress.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/127.0.0.1\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"amp_enabled":true,"_links":{"self":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/4703"}],"collection":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/comments?post=4703"}],"version-history":[{"count":0,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/4703\/revisions"}],"wp:attachment":[{"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/media?parent=4703"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/categories?post=4703"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/127.0.0.1\/wp-json\/wp\/v2\/tags?post=4703"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}