{"id":18791,"date":"2020-09-03T11:42:47","date_gmt":"2020-09-03T08:42:47","guid":{"rendered":"http:\/\/content.freeplanetvpn.com\/?p=18791"},"modified":"2022-05-31T16:18:58","modified_gmt":"2022-05-31T13:18:58","slug":"los-hackers-estan-explotando-un-fallo-critico-que-afecta-a-mas-de-350-000-sitios-de-wordpress","status":"publish","type":"post","link":"https:\/\/freevpnplanet.com\/es\/blog\/los-hackers-estan-explotando-un-fallo-critico-que-afecta-a-mas-de-350-000-sitios-de-wordpress\/","title":{"rendered":"Los hackers explotan vulnerabilidades cr\u00edticas en los sitios de WordPress"},"content":{"rendered":"

\"WordPress<\/p>\n

Los hackers est\u00e1n explotando activamente una vulnerabilidad que les permite ejecutar comandos y scripts maliciosos en sitios web que ejecutan File Manager<\/a>, un plugin de WordPress con m\u00e1s de 700.000 instalaciones activas, dijeron los investigadores el martes. La noticia de los ataques lleg\u00f3 unas horas despu\u00e9s de que la falla de seguridad fuera reparada.<\/p>\n

Los atacantes est\u00e1n usando el exploit para subir archivos que contienen webhells que est\u00e1n escondidos en una imagen. Desde all\u00ed, tienen una conveniente interfaz que les permite ejecutar comandos en los plugins\/wp-file-manager\/lib\/files\/, el directorio donde reside el plugin File Manager. Si bien esa restricci\u00f3n impide a los hackers ejecutar comandos en archivos fuera del directorio, los hackers pueden ser capaces de causar m\u00e1s da\u00f1o cargando scripts que pueden llevar a cabo acciones en otras partes de un sitio vulnerable.<\/p>\n

NinTechNet, una empresa de seguridad de sitios web de Bangkok (Tailandia), fue una de las primeras en informar sobre los ataques in-the-wild<\/a>. En el post se dec\u00eda que un pirata inform\u00e1tico estaba explotando la vulnerabilidad para subir un script titulado hardfork.php y luego utilizarlo para inyectar c\u00f3digo en los scripts de WordPress \/wp-admin\/admin-ajax.php y \/wp-includes\/user.php.<\/p>\n

Backdooring de sitios vulnerables a escala<\/h2>\n

En un correo electr\u00f3nico, el CEO de NinTechNet, Jerome Bruandet, escribi\u00f3:
\nEs un poco pronto para saber el impacto, porque cuando atrapamos el ataque, los hackers s\u00f3lo intentaban hacer sitios web de puerta trasera. Sin embargo, una cosa interesante que notamos es que los atacantes estaban inyectando alg\u00fan c\u00f3digo para proteger el acceso al archivo vulnerable (connector.minimal.php) para que otros grupos de hackers no pudieran explotar la vulnerabilidad en los sitios que ya estaban infectados.<\/p>\n

Todos los comandos pueden ser ejecutados en la carpeta \/lib\/files (crear carpetas, borrar archivos, etc.), pero lo m\u00e1s importante es que pueden subir scripts PHP en esa carpeta tambi\u00e9n, y luego ejecutarlos y hacer lo que quieran en el blog.<\/p>\n

Hasta ahora, est\u00e1n subiendo “FilesMan”, otro gestor de archivos usado a menudo por los hackers. Este est\u00e1 muy ofuscado. En las pr\u00f3ximas horas y d\u00edas veremos exactamente lo que har\u00e1n, porque si protegieron el archivo vulnerable con una contrase\u00f1a para evitar que otros hackers exploten la vulnerabilidad, es probable que esperen volver a visitar los sitios infectados.<\/p><\/blockquote>\n

La empresa de seguridad de sitios web Wordfence, por su parte, dijo en su propio post<\/a> que hab\u00eda bloqueado m\u00e1s de 450.000 intentos de explotaci\u00f3n en los \u00faltimos d\u00edas. El post dec\u00eda que los atacantes est\u00e1n tratando de inyectar varios archivos. En algunos casos, esos archivos estaban vac\u00edos, muy probablemente en un intento de sondear sitios vulnerables y, si ten\u00edan \u00e9xito, inyectar un archivo malicioso m\u00e1s tarde. Los archivos que se sub\u00edan ten\u00edan nombres como hardfork.php, hardfind.php y x.php.<\/p>\n

“Un plugin de gesti\u00f3n de archivos como este har\u00eda posible que un atacante manipulara o subiera cualquier archivo de su elecci\u00f3n directamente desde el panel de control de WordPress, permiti\u00e9ndole potencialmente escalar privilegios una vez en el \u00e1rea de administraci\u00f3n del sitio”, escribi\u00f3 Chloe Chamberland, una investigadora de la firma de seguridad Wordfence, en el post del martes. “Por ejemplo, un atacante podr\u00eda acceder al \u00e1rea de administraci\u00f3n del sitio usando una contrase\u00f1a comprometida, y luego acceder a este plugin y subir un webhell para hacer una enumeraci\u00f3n m\u00e1s detallada del servidor y potencialmente escalar su ataque usando otro exploit”.<\/p>\n

52% de 700.000 = potencial de da\u00f1o<\/h3>\n

El plugin File Manager ayuda a los administradores a gestionar los archivos de los sitios que ejecutan el sistema de gesti\u00f3n de contenidos de WordPress. El plugin contiene un gestor de archivos adicional conocido como elFinder, una biblioteca de c\u00f3digo abierto que proporciona la funcionalidad principal del plugin, junto con una interfaz de usuario para utilizarlo. La vulnerabilidad surge de la forma en que el plugin implement\u00f3 elFinder.<\/p>\n

Para proteger sus datos de la vigilancia de Internet y mantenerlos an\u00f3nimos – \u00a1utilice Planet FreeVPN<\/a> en sus dispositivos ahora!<\/div><\/div>\n

“El n\u00facleo del problema comenz\u00f3 con el plugin del Gestor de Archivos renombrando la extensi\u00f3n del archivo conector.minimal.php.dist<\/code> de la biblioteca de elFinder a .php para que pudiera ser ejecutado directamente, aunque el archivo conector no fuera utilizado por el propio Gestor de Archivos”, explic\u00f3 Chamberland. “Esas bibliotecas suelen incluir archivos de ejemplo que no est\u00e1n pensados para ser utilizados ‘tal cual’ sin a\u00f1adir controles de acceso, y este archivo no ten\u00eda restricciones de acceso directo, lo que significa que cualquiera pod\u00eda acceder al archivo. Este archivo pod\u00eda utilizarse para iniciar un comando de elFinder y estaba enganchado al archivo elFinderConnector.class.php”.<\/p>\n

Sal Aguilar, un contratista que crea y asegura los sitios de WordPress, se meti\u00f3 en Twitter<\/a> para advertir de los ataques que est\u00e1 viendo.
\n

“\u00a1\u00a1\u00a1Oh mierda!!!” escribi\u00f3. “La vulnerabilidad del Administrador de Archivos WP es GRAVE. Se est\u00e1 propagando r\u00e1pidamente y estoy viendo cientos de sitios que se est\u00e1n infectando. El malware est\u00e1 siendo subido a \/wp-content\/plugins\/wp-file-manager\/lib\/files.”<\/div><\/div><\/p>\n

El fallo de seguridad est\u00e1 en las versiones del Administrador de Archivos que van de la 6.0 a la 6.8. Las estad\u00edsticas de WordPress<\/a> muestran que actualmente cerca del 52 por ciento de las instalaciones son vulnerables. Con m\u00e1s de la mitad de la base instalada del Administrador de Archivos de 700.000 sitios vulnerables, el potencial de da\u00f1o es alto. Los sitios que ejecutan cualquiera de estas versiones deben actualizarse a 6.9 tan<\/a> pronto como sea posible.<\/p>\n","protected":false},"excerpt":{"rendered":"

Los hackers est\u00e1n explotando activamente una vulnerabilidad que les permite ejecutar comandos y scripts maliciosos en sitios web que ejecutan File Manager, un plugin de WordPress con m\u00e1s de 700.000 instalaciones activas, dijeron los investigadores el martes. La noticia de los ataques lleg\u00f3 unas horas despu\u00e9s de que la falla de seguridad fuera reparada. Los…<\/p>\n","protected":false},"author":8,"featured_media":3510,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[137],"tags":[],"class_list":["post-18791","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-es"],"yoast_head":"\nLos hackers explotan vulnerabilidades cr\u00edticas en los sitios de WordPress \u25b6\ufe0f Planet VPN<\/title>\n<meta name=\"description\" content=\"Flaw est\u00e1 en File Manager, un plugin con m\u00e1s de 700.000 usuarios; el 52% est\u00e1n afectados.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/freevpnplanet.com\/es\/blog\/los-hackers-estan-explotando-un-fallo-critico-que-afecta-a-mas-de-350-000-sitios-de-wordpress\/\" \/>\n<meta property=\"og:locale\" content=\"es_ES\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Los hackers explotan vulnerabilidades cr\u00edticas en los sitios de WordPress \u25b6\ufe0f Planet VPN\" \/>\n<meta property=\"og:description\" content=\"Flaw est\u00e1 en File Manager, un plugin con m\u00e1s de 700.000 usuarios; el 52% est\u00e1n afectados.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/freevpnplanet.com\/es\/blog\/los-hackers-estan-explotando-un-fallo-critico-que-afecta-a-mas-de-350-000-sitios-de-wordpress\/\" \/>\n<meta property=\"og:site_name\" content=\"Planet VPN\" \/>\n<meta property=\"article:published_time\" content=\"2020-09-03T08:42:47+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-05-31T13:18:58+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/freevpnplanet.com\/wp-content\/uploads\/2019\/09\/rvpn-wordpress-protection-12-tips-to-protect-your-website-20190917_120137_608328.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"974\" \/>\n\t<meta property=\"og:image:height\" content=\"550\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Makoto Naki\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Satoshi Naki \u2013 Autor de art\u00edculos\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/freevpnplanet.com\/es\/blog\/los-hackers-estan-explotando-un-fallo-critico-que-afecta-a-mas-de-350-000-sitios-de-wordpress\/\",\"url\":\"https:\/\/freevpnplanet.com\/es\/blog\/los-hackers-estan-explotando-un-fallo-critico-que-afecta-a-mas-de-350-000-sitios-de-wordpress\/\",\"name\":\"Los hackers explotan vulnerabilidades cr\u00edticas en los sitios de WordPress \u25b6\ufe0f Planet VPN\",\"primaryImageOfPage\":{\"@id\":\"https:\/\/freevpnplanet.com\/es\/blog\/los-hackers-estan-explotando-un-fallo-critico-que-afecta-a-mas-de-350-000-sitios-de-wordpress\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/freevpnplanet.com\/es\/blog\/los-hackers-estan-explotando-un-fallo-critico-que-afecta-a-mas-de-350-000-sitios-de-wordpress\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/freevpnplanet.com\/wp-content\/uploads\/2019\/09\/rvpn-wordpress-protection-12-tips-to-protect-your-website-20190917_120137_608328.webp\",\"datePublished\":\"2020-09-03T08:42:47+00:00\",\"dateModified\":\"2022-05-31T13:18:58+00:00\",\"author\":{\"@id\":\"https:\/\/freevpnplanet.com\/es\/#\/schema\/person\/6c5263c6d99110898a1d44d63a1c4fdd\"},\"description\":\"Flaw est\u00e1 en File Manager, un plugin con m\u00e1s de 700.000 usuarios; el 52% est\u00e1n afectados.\",\"inLanguage\":\"es\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/freevpnplanet.com\/es\/blog\/los-hackers-estan-explotando-un-fallo-critico-que-afecta-a-mas-de-350-000-sitios-de-wordpress\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\/\/freevpnplanet.com\/es\/blog\/los-hackers-estan-explotando-un-fallo-critico-que-afecta-a-mas-de-350-000-sitios-de-wordpress\/#primaryimage\",\"url\":\"https:\/\/freevpnplanet.com\/wp-content\/uploads\/2019\/09\/rvpn-wordpress-protection-12-tips-to-protect-your-website-20190917_120137_608328.webp\",\"contentUrl\":\"https:\/\/freevpnplanet.com\/wp-content\/uploads\/2019\/09\/rvpn-wordpress-protection-12-tips-to-protect-your-website-20190917_120137_608328.webp\",\"width\":974,\"height\":550,\"caption\":\"WordPress Protection - 12 Tips to Protect Your Website\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/freevpnplanet.com\/es\/blog\/los-hackers-estan-explotando-un-fallo-critico-que-afecta-a-mas-de-350-000-sitios-de-wordpress\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/freevpnplanet.com\/es\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Los hackers explotan vulnerabilidades cr\u00edticas en los sitios de WordPress\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/freevpnplanet.com\/es\/#website\",\"url\":\"https:\/\/freevpnplanet.com\/es\",\"name\":\"Planet VPN \ud83d\udee1\ufe0f\ud83c\udf10 Free VPN\",\"description\":\"Free VPN\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/freevpnplanet.com\/es\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/freevpnplanet.com\/es\/#\/schema\/person\/6c5263c6d99110898a1d44d63a1c4fdd\",\"name\":\"Makoto Naki\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\/\/freevpnplanet.com\/es\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/freevpnplanet.com\/wp-content\/uploads\/2025\/02\/cropped-writer_enhanced-1-1-96x96.png\",\"contentUrl\":\"https:\/\/freevpnplanet.com\/wp-content\/uploads\/2025\/02\/cropped-writer_enhanced-1-1-96x96.png\",\"caption\":\"Makoto Naki\"},\"description\":\"Makoto is one of the top analysts at Hack The Box: Penetration Testing Labs, specializing in cybersecurity research and analysis. Having a thorough awareness of cyber dangers and ethical hacking, he offers insightful evaluations of attack methods and security flaws. His knowledge helps him to simplify difficult cybersecurity ideas, so they are helpful for both professionals and enthusiasts. Makoto has vast experience writing on cybersecurity, penetration testing, hackers, and privacy as a cybercrime gonzo journalist. His investigative style gives life to real-life hacking stories, highlighting new dangers and changing strategies. He provides insightful viewpoints on security and digital privacy by delving into the obscure facets of the digital world through in-depth writings and reports.\",\"url\":\"https:\/\/freevpnplanet.com\/es\/author\/makoto-naki\/\"},{\"@type\":\"SoftwareApplication\",\"name\":\"Planet VPN \ud83d\udee1\ufe0f\ud83c\udf10 Free VPN\",\"operatingSystem\":\"Windows, macOS, iOS, Android, Linux, Chrome\",\"applicationCategory\":\"SecurityApplication\",\"offers\":{\"@type\":\"AggregateOffer\",\"priceCurrency\":\"USD\",\"price\":\"0\",\"lowPrice\":\"0\",\"availability\":\"https:\/\/schema.org\/InStock\"},\"applicationSubCategory\":\"VPN\",\"url\":\"https:\/\/freevpnplanet.com\/es\/\",\"downloadUrl\":\"https:\/\/freevpnplanet.com\/es\/download\/\",\"permissions\":\"Network access, VPN configuration\",\"description\":\"Planet VPN es un servicio VPN que prioriza la privacidad. La versi\u00f3n gratuita ofrece ancho de banda y tiempo ilimitados en 6 ubicaciones, con una estricta pol\u00edtica de no registros y sin registro de cuenta. Premium desbloquea m\u00e1s de 1.260 servidores en m\u00e1s de 60 pa\u00edses, P2P, streaming y Double VPN, con tunelizaci\u00f3n dividida, interruptor de emergencia, cifrado de 256 bits y protocolos OpenVPN, IKEv2, PlanetX y StarGuard. Con la confianza de m\u00e1s de 15 millones de usuarios en todo el mundo.\",\"image\":\"https:\/\/freevpnplanet.com\/es\/wp-content\/themes\/planetvpn\/assets\/images\/footer\/footer-logo.svg\",\"featureList\":[\"Free unlimited VPN \u2014 no traffic, time or bandwidth limits\",\"Strict no-logs policy and no registration required\",\"1,260+ servers in 60+ countries (6 forever-free locations)\",\"256-bit encryption with OpenVPN, IKEv2, PlanetX and StarGuard protocols\",\"Built-in kill switch, DNS and WebRTC leak protection\",\"Split tunneling, Double VPN, P2P and streaming-optimised servers (Premium)\",\"Native apps for Windows, macOS, Linux, iOS, Android, Android TV and Huawei\",\"Browser extensions for Chrome, Firefox, Edge and Opera\"],\"keywords\":[\"free vpn\",\"vpn proxy\",\"no-logs vpn\",\"best free vpn\",\"unlimited free vpn\",\"vpn for streaming\",\"vpn for netflix\",\"vpn for torrenting\",\"vpn for gaming\",\"vpn for windows\",\"vpn for mac\",\"vpn for android\",\"vpn for ios\",\"vpn for chrome\",\"vpn for firefox\",\"vpn for edge\",\"vpn for opera\",\"vpn for android tv\",\"vpn for router\",\"openvpn\",\"ikev2 vpn\",\"starguard protocol\",\"double vpn\",\"split tunneling\",\"kill switch vpn\",\"dns leak protection\",\"webrtc leak protection\",\"256-bit vpn encryption\",\"anonymous browsing\",\"change ip address\",\"hide ip\",\"secure wifi vpn\",\"free vpn no sign up\",\"free proxy vpn\"],\"additionalProperty\":[{\"@type\":\"PropertyValue\",\"name\":\"General Features\",\"value\":\"Unlimited bandwidth, no traffic cap, no time limit, no registration, no-logs policy, 24\/7 support\",\"description\":\"Category: General\"},{\"@type\":\"PropertyValue\",\"name\":\"Protocols\",\"value\":\"OpenVPN, IKEv2, PlanetX, StarGuard\",\"description\":\"Category: Protocols\"},{\"@type\":\"PropertyValue\",\"name\":\"Network Coverage\",\"value\":\"1,260+ servers, 60+ countries, 6 forever-free locations\",\"description\":\"Category: Network\"},{\"@type\":\"PropertyValue\",\"name\":\"Security Features\",\"value\":\"256-bit encryption, kill switch, DNS leak protection, WebRTC leak protection, encrypted servers\",\"description\":\"Category: Security\"},{\"@type\":\"PropertyValue\",\"name\":\"Privacy Features\",\"value\":\"Strict no-logs policy, no registration, anonymous payment options, private DNS\",\"description\":\"Category: Privacy\"},{\"@type\":\"PropertyValue\",\"name\":\"Free Tools\",\"value\":\"DNS Leak Test, WebRTC Leak Test, Virus Scan, IP Check, Password Generator\",\"description\":\"Category: Tools\"},{\"@type\":\"PropertyValue\",\"name\":\"Supported Apps\",\"value\":\"Windows, macOS, Linux, Android, iOS, Android TV, Huawei AppGallery, Chrome, Firefox, Edge, Opera, OpenVPN, Router\",\"description\":\"Category: Compatibility\"},{\"@type\":\"PropertyValue\",\"name\":\"Premium-only Features\",\"value\":\"All 60+ locations, P2P\/streaming\/Double VPN servers, split tunneling, system configurations, ad-free experience, multi-device subscription, 24\/7 support\",\"description\":\"Category: Premium\"}],\"audience\":[{\"@type\":\"Audience\",\"audienceType\":\"Privacy Enthusiasts\",\"description\":\"Users who value strict no-logs policies, 256-bit encryption and full anonymity online without registration.\"},{\"@type\":\"Audience\",\"audienceType\":\"Streamers\",\"description\":\"Viewers wanting unrestricted access to Netflix, Disney+, BBC iPlayer, Hulu and other geo-blocked streaming libraries.\"},{\"@type\":\"Audience\",\"audienceType\":\"Gamers\",\"description\":\"Players reducing latency, accessing region-locked games and protecting against DDoS attacks across PC, mobile and console.\"},{\"@type\":\"Audience\",\"audienceType\":\"Travelers\",\"description\":\"Frequent travelers and digital nomads needing secure public Wi-Fi access and connectivity to home-country services while abroad.\"},{\"@type\":\"Audience\",\"audienceType\":\"P2P\/Torrent Users\",\"description\":\"BitTorrent users who need P2P-optimised servers and IP masking to protect their identity while sharing files.\"},{\"@type\":\"Audience\",\"audienceType\":\"Bargain Hunters\",\"description\":\"Shoppers comparing flight, hotel, car-rental and Steam prices across regions to capture the best deal available.\"},{\"@type\":\"Audience\",\"audienceType\":\"Activists & Journalists\",\"description\":\"Reporters and human-rights advocates working in restrictive regions who need obfuscation and censorship circumvention.\"},{\"@type\":\"Audience\",\"audienceType\":\"Casual Users\",\"description\":\"Everyday users seeking quick, free, no-signup privacy on public Wi-Fi or to bypass simple regional blocks.\"}],\"hasPart\":[{\"@type\":\"SoftwareApplication\",\"name\":\"Planet VPN for Desktop\",\"operatingSystem\":[\"Windows\",\"macOS\",\"Linux\"],\"url\":\"https:\/\/freevpnplanet.com\/es\/free-vpn-pc\/\"},{\"@type\":\"MobileApplication\",\"name\":\"Planet VPN for Mobile\",\"operatingSystem\":[\"iOS\",\"Android\"],\"url\":\"https:\/\/freevpnplanet.com\/es\/android\/\"},{\"@type\":\"WebApplication\",\"name\":\"Planet VPN Browser Extensions\",\"operatingSystem\":[\"Chrome\",\"Firefox\",\"Edge\",\"Opera\"],\"url\":\"https:\/\/freevpnplanet.com\/es\/chrome\/\"},{\"@type\":\"SoftwareApplication\",\"name\":\"Planet VPN for Android TV \/ Router\",\"operatingSystem\":[\"Android TV\",\"OpenVPN-compatible routers\"],\"url\":\"https:\/\/freevpnplanet.com\/es\/vpn-android-tv\/\"}],\"review\":[{\"@type\":\"Review\",\"author\":{\"@type\":\"Organization\",\"name\":\"SafetyDetectives\",\"url\":\"https:\/\/www.safetydetectives.com\/\"},\"reviewBody\":\"Planet VPN shines in a couple of categories. It supports torrenting and offers robust security features along with a transparent no-logs policy. Plus, its streaming capabilities and speeds have improved thanks to its new StarGuard protocol. On top of that, its free version has no traffic, bandwidth, or time limits, which is uncommon among most VPNs.\"},{\"@type\":\"Review\",\"author\":{\"@type\":\"Organization\",\"name\":\"VPNOverview\",\"url\":\"https:\/\/vpnoverview.com\/\"},\"reviewBody\":\"I'm pleased with Planet VPN's transparency and no-logs policy. It does a great job at keeping users secured online. It also has a good server network and is quite user-friendly.\"},{\"@type\":\"Review\",\"author\":{\"@type\":\"Organization\",\"name\":\"vpnMentor\",\"url\":\"https:\/\/www.vpnmentor.com\/\"},\"reviewBody\":\"It includes industry-standard VPN security features like 256-bit encryption, a kill switch, a strict no-logs policy, and protection and DNS and WebRTC leaks. Planet VPN has an intuitive dashboard that is easy to navigate and allows 10 simultaneous connections.\"}],\"@id\":\"https:\/\/freevpnplanet.com\/es\/#softwareapplication\",\"aggregateRating\":{\"@type\":\"AggregateRating\",\"ratingValue\":\"4.6\",\"bestRating\":\"5\",\"ratingCount\":\"1960000\"}},{\"@type\":\"Organization\",\"@id\":\"https:\/\/freevpnplanet.com\/es\/#organization\",\"url\":\"https:\/\/freevpnplanet.com\/es\",\"name\":\"Planet VPN \ud83d\udee1\ufe0f\ud83c\udf10 Free VPN\",\"alternateName\":[\"Free VPN Planet\",\"Planet VPN\"],\"legalName\":\"FREE VPN PLANET S.R.L\",\"slogan\":\"Free VPN for Fast, Private and Unlimited Browsing\",\"description\":\"Planet VPN \u2014 a privacy-first VPN service operated by FREE VPN PLANET S.R.L from Bucharest, Romania. Free unlimited browsing across 6 locations, premium access to 1,260+ servers in 60+ countries.\",\"logo\":{\"@type\":\"ImageObject\",\"url\":\"https:\/\/freevpnplanet.com\/es\/wp-content\/themes\/planetvpn\/assets\/images\/footer\/footer-logo.svg\",\"caption\":\"Planet VPN logo\"},\"image\":\"https:\/\/freevpnplanet.com\/es\/wp-content\/themes\/planetvpn\/assets\/images\/footer\/footer-logo.svg\",\"identifier\":{\"@type\":\"PropertyValue\",\"propertyID\":\"Romanian Trade Register Number\",\"value\":\"44667783\"},\"address\":{\"@type\":\"PostalAddress\",\"streetAddress\":\"Hermes Business Campus, Bulevardul Dimitrie Pompeiu 5-7, Sectorul 2\",\"addressLocality\":\"Bucharest\",\"postalCode\":\"020335\",\"addressCountry\":\"RO\"},\"contactPoint\":[{\"@type\":\"ContactPoint\",\"contactType\":\"customer support\",\"url\":\"https:\/\/freevpnplanet.com\/es\/contact-us\/\",\"availableLanguage\":[\"ar\",\"cs\",\"de\",\"en\",\"es\",\"fa\",\"fr\",\"id\",\"it\",\"ja\",\"ko\",\"nl\",\"pl\",\"pt\",\"ro\",\"ru\",\"sv\",\"th\",\"tl\",\"tr\",\"uk\"]}],\"sameAs\":[\"https:\/\/t.me\/FreeVPNPlanet\",\"https:\/\/www.facebook.com\/Free-VPN-Planet-100227692706840\",\"https:\/\/x.com\/PlanetVPNfree\",\"https:\/\/www.youtube.com\/@planetvpn-FreeVPN\",\"https:\/\/www.instagram.com\/planetvpn\/\",\"https:\/\/pinterest.com\/planetvpn\",\"https:\/\/www.tiktok.com\/@planetvpn\",\"https:\/\/play.google.com\/store\/apps\/details?id=com.freevpnplanet\",\"https:\/\/apps.apple.com\/us\/app\/planet-free-vpn-super-proxy\/id1410235921\",\"https:\/\/apps.microsoft.com\/detail\/9p15s8pwmq8c\",\"https:\/\/chromewebstore.google.com\/detail\/free-vpn-for-chrome-ad-bl\/hipncndjamdcmphkgngojegjblibadbe\",\"https:\/\/www.trustpilot.com\/review\/freevpnplanet.com\",\"https:\/\/planet-vpn.en.softonic.com\/\",\"https:\/\/planet-vpn.en.uptodown.com\/android\"],\"knowsAbout\":[\"Virtual Private Network\",\"Encryption\",\"256-bit encryption\",\"OpenVPN\",\"IKEv2\",\"Tunneling protocols\",\"Internet privacy\",\"Network security\",\"Computer security\",\"Anonymity\",\"DNS leak protection\",\"WebRTC leak protection\",\"Kill switch\",\"Split tunneling\",\"Double VPN\",\"Geo-blocking\",\"Censorship circumvention\",\"Public Wi-Fi security\",\"P2P\",\"BitTorrent\",\"Streaming\",\"Online gaming\",\"IP address\",\"Proxy server\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Los hackers explotan vulnerabilidades cr\u00edticas en los sitios de WordPress \u25b6\ufe0f Planet VPN","description":"Flaw est\u00e1 en File Manager, un plugin con m\u00e1s de 700.000 usuarios; el 52% est\u00e1n afectados.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/freevpnplanet.com\/es\/blog\/los-hackers-estan-explotando-un-fallo-critico-que-afecta-a-mas-de-350-000-sitios-de-wordpress\/","og_locale":"es_ES","og_type":"article","og_title":"Los hackers explotan vulnerabilidades cr\u00edticas en los sitios de WordPress \u25b6\ufe0f Planet VPN","og_description":"Flaw est\u00e1 en File Manager, un plugin con m\u00e1s de 700.000 usuarios; el 52% est\u00e1n afectados.","og_url":"https:\/\/freevpnplanet.com\/es\/blog\/los-hackers-estan-explotando-un-fallo-critico-que-afecta-a-mas-de-350-000-sitios-de-wordpress\/","og_site_name":"Planet VPN","article_published_time":"2020-09-03T08:42:47+00:00","article_modified_time":"2022-05-31T13:18:58+00:00","og_image":[{"width":974,"height":550,"url":"https:\/\/freevpnplanet.com\/wp-content\/uploads\/2019\/09\/rvpn-wordpress-protection-12-tips-to-protect-your-website-20190917_120137_608328.webp","type":"image\/jpeg"}],"author":"Makoto Naki","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Satoshi Naki \u2013 Autor de art\u00edculos","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/freevpnplanet.com\/es\/blog\/los-hackers-estan-explotando-un-fallo-critico-que-afecta-a-mas-de-350-000-sitios-de-wordpress\/","url":"https:\/\/freevpnplanet.com\/es\/blog\/los-hackers-estan-explotando-un-fallo-critico-que-afecta-a-mas-de-350-000-sitios-de-wordpress\/","name":"Los hackers explotan vulnerabilidades cr\u00edticas en los sitios de WordPress \u25b6\ufe0f Planet VPN","primaryImageOfPage":{"@id":"https:\/\/freevpnplanet.com\/es\/blog\/los-hackers-estan-explotando-un-fallo-critico-que-afecta-a-mas-de-350-000-sitios-de-wordpress\/#primaryimage"},"image":{"@id":"https:\/\/freevpnplanet.com\/es\/blog\/los-hackers-estan-explotando-un-fallo-critico-que-afecta-a-mas-de-350-000-sitios-de-wordpress\/#primaryimage"},"thumbnailUrl":"https:\/\/freevpnplanet.com\/wp-content\/uploads\/2019\/09\/rvpn-wordpress-protection-12-tips-to-protect-your-website-20190917_120137_608328.webp","datePublished":"2020-09-03T08:42:47+00:00","dateModified":"2022-05-31T13:18:58+00:00","author":{"@id":"https:\/\/freevpnplanet.com\/es\/#\/schema\/person\/6c5263c6d99110898a1d44d63a1c4fdd"},"description":"Flaw est\u00e1 en File Manager, un plugin con m\u00e1s de 700.000 usuarios; el 52% est\u00e1n afectados.","inLanguage":"es","potentialAction":[{"@type":"ReadAction","target":["https:\/\/freevpnplanet.com\/es\/blog\/los-hackers-estan-explotando-un-fallo-critico-que-afecta-a-mas-de-350-000-sitios-de-wordpress\/"]}]},{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/freevpnplanet.com\/es\/blog\/los-hackers-estan-explotando-un-fallo-critico-que-afecta-a-mas-de-350-000-sitios-de-wordpress\/#primaryimage","url":"https:\/\/freevpnplanet.com\/wp-content\/uploads\/2019\/09\/rvpn-wordpress-protection-12-tips-to-protect-your-website-20190917_120137_608328.webp","contentUrl":"https:\/\/freevpnplanet.com\/wp-content\/uploads\/2019\/09\/rvpn-wordpress-protection-12-tips-to-protect-your-website-20190917_120137_608328.webp","width":974,"height":550,"caption":"WordPress Protection - 12 Tips to Protect Your Website"},{"@type":"BreadcrumbList","@id":"https:\/\/freevpnplanet.com\/es\/blog\/los-hackers-estan-explotando-un-fallo-critico-que-afecta-a-mas-de-350-000-sitios-de-wordpress\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/freevpnplanet.com\/es\/"},{"@type":"ListItem","position":2,"name":"Los hackers explotan vulnerabilidades cr\u00edticas en los sitios de WordPress"}]},{"@type":"WebSite","@id":"https:\/\/freevpnplanet.com\/es\/#website","url":"https:\/\/freevpnplanet.com\/es","name":"Planet VPN \ud83d\udee1\ufe0f\ud83c\udf10 Free VPN","description":"Free VPN","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/freevpnplanet.com\/es\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en"},{"@type":"Person","@id":"https:\/\/freevpnplanet.com\/es\/#\/schema\/person\/6c5263c6d99110898a1d44d63a1c4fdd","name":"Makoto Naki","image":{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/freevpnplanet.com\/es\/#\/schema\/person\/image\/","url":"https:\/\/freevpnplanet.com\/wp-content\/uploads\/2025\/02\/cropped-writer_enhanced-1-1-96x96.png","contentUrl":"https:\/\/freevpnplanet.com\/wp-content\/uploads\/2025\/02\/cropped-writer_enhanced-1-1-96x96.png","caption":"Makoto Naki"},"description":"Makoto is one of the top analysts at Hack The Box: Penetration Testing Labs, specializing in cybersecurity research and analysis. Having a thorough awareness of cyber dangers and ethical hacking, he offers insightful evaluations of attack methods and security flaws. His knowledge helps him to simplify difficult cybersecurity ideas, so they are helpful for both professionals and enthusiasts. Makoto has vast experience writing on cybersecurity, penetration testing, hackers, and privacy as a cybercrime gonzo journalist. His investigative style gives life to real-life hacking stories, highlighting new dangers and changing strategies. He provides insightful viewpoints on security and digital privacy by delving into the obscure facets of the digital world through in-depth writings and reports.","url":"https:\/\/freevpnplanet.com\/es\/author\/makoto-naki\/"},{"@type":"SoftwareApplication","name":"Planet VPN \ud83d\udee1\ufe0f\ud83c\udf10 Free VPN","operatingSystem":"Windows, macOS, iOS, Android, Linux, Chrome","applicationCategory":"SecurityApplication","offers":{"@type":"AggregateOffer","priceCurrency":"USD","price":"0","lowPrice":"0","availability":"https:\/\/schema.org\/InStock"},"applicationSubCategory":"VPN","url":"https:\/\/freevpnplanet.com\/es\/","downloadUrl":"https:\/\/freevpnplanet.com\/es\/download\/","permissions":"Network access, VPN configuration","description":"Planet VPN es un servicio VPN que prioriza la privacidad. La versi\u00f3n gratuita ofrece ancho de banda y tiempo ilimitados en 6 ubicaciones, con una estricta pol\u00edtica de no registros y sin registro de cuenta. Premium desbloquea m\u00e1s de 1.260 servidores en m\u00e1s de 60 pa\u00edses, P2P, streaming y Double VPN, con tunelizaci\u00f3n dividida, interruptor de emergencia, cifrado de 256 bits y protocolos OpenVPN, IKEv2, PlanetX y StarGuard. Con la confianza de m\u00e1s de 15 millones de usuarios en todo el mundo.","image":"https:\/\/freevpnplanet.com\/es\/wp-content\/themes\/planetvpn\/assets\/images\/footer\/footer-logo.svg","featureList":["Free unlimited VPN \u2014 no traffic, time or bandwidth limits","Strict no-logs policy and no registration required","1,260+ servers in 60+ countries (6 forever-free locations)","256-bit encryption with OpenVPN, IKEv2, PlanetX and StarGuard protocols","Built-in kill switch, DNS and WebRTC leak protection","Split tunneling, Double VPN, P2P and streaming-optimised servers (Premium)","Native apps for Windows, macOS, Linux, iOS, Android, Android TV and Huawei","Browser extensions for Chrome, Firefox, Edge and Opera"],"keywords":["free vpn","vpn proxy","no-logs vpn","best free vpn","unlimited free vpn","vpn for streaming","vpn for netflix","vpn for torrenting","vpn for gaming","vpn for windows","vpn for mac","vpn for android","vpn for ios","vpn for chrome","vpn for firefox","vpn for edge","vpn for opera","vpn for android tv","vpn for router","openvpn","ikev2 vpn","starguard protocol","double vpn","split tunneling","kill switch vpn","dns leak protection","webrtc leak protection","256-bit vpn encryption","anonymous browsing","change ip address","hide ip","secure wifi vpn","free vpn no sign up","free proxy vpn"],"additionalProperty":[{"@type":"PropertyValue","name":"General Features","value":"Unlimited bandwidth, no traffic cap, no time limit, no registration, no-logs policy, 24\/7 support","description":"Category: General"},{"@type":"PropertyValue","name":"Protocols","value":"OpenVPN, IKEv2, PlanetX, StarGuard","description":"Category: Protocols"},{"@type":"PropertyValue","name":"Network Coverage","value":"1,260+ servers, 60+ countries, 6 forever-free locations","description":"Category: Network"},{"@type":"PropertyValue","name":"Security Features","value":"256-bit encryption, kill switch, DNS leak protection, WebRTC leak protection, encrypted servers","description":"Category: Security"},{"@type":"PropertyValue","name":"Privacy Features","value":"Strict no-logs policy, no registration, anonymous payment options, private DNS","description":"Category: Privacy"},{"@type":"PropertyValue","name":"Free Tools","value":"DNS Leak Test, WebRTC Leak Test, Virus Scan, IP Check, Password Generator","description":"Category: Tools"},{"@type":"PropertyValue","name":"Supported Apps","value":"Windows, macOS, Linux, Android, iOS, Android TV, Huawei AppGallery, Chrome, Firefox, Edge, Opera, OpenVPN, Router","description":"Category: Compatibility"},{"@type":"PropertyValue","name":"Premium-only Features","value":"All 60+ locations, P2P\/streaming\/Double VPN servers, split tunneling, system configurations, ad-free experience, multi-device subscription, 24\/7 support","description":"Category: Premium"}],"audience":[{"@type":"Audience","audienceType":"Privacy Enthusiasts","description":"Users who value strict no-logs policies, 256-bit encryption and full anonymity online without registration."},{"@type":"Audience","audienceType":"Streamers","description":"Viewers wanting unrestricted access to Netflix, Disney+, BBC iPlayer, Hulu and other geo-blocked streaming libraries."},{"@type":"Audience","audienceType":"Gamers","description":"Players reducing latency, accessing region-locked games and protecting against DDoS attacks across PC, mobile and console."},{"@type":"Audience","audienceType":"Travelers","description":"Frequent travelers and digital nomads needing secure public Wi-Fi access and connectivity to home-country services while abroad."},{"@type":"Audience","audienceType":"P2P\/Torrent Users","description":"BitTorrent users who need P2P-optimised servers and IP masking to protect their identity while sharing files."},{"@type":"Audience","audienceType":"Bargain Hunters","description":"Shoppers comparing flight, hotel, car-rental and Steam prices across regions to capture the best deal available."},{"@type":"Audience","audienceType":"Activists & Journalists","description":"Reporters and human-rights advocates working in restrictive regions who need obfuscation and censorship circumvention."},{"@type":"Audience","audienceType":"Casual Users","description":"Everyday users seeking quick, free, no-signup privacy on public Wi-Fi or to bypass simple regional blocks."}],"hasPart":[{"@type":"SoftwareApplication","name":"Planet VPN for Desktop","operatingSystem":["Windows","macOS","Linux"],"url":"https:\/\/freevpnplanet.com\/es\/free-vpn-pc\/"},{"@type":"MobileApplication","name":"Planet VPN for Mobile","operatingSystem":["iOS","Android"],"url":"https:\/\/freevpnplanet.com\/es\/android\/"},{"@type":"WebApplication","name":"Planet VPN Browser Extensions","operatingSystem":["Chrome","Firefox","Edge","Opera"],"url":"https:\/\/freevpnplanet.com\/es\/chrome\/"},{"@type":"SoftwareApplication","name":"Planet VPN for Android TV \/ Router","operatingSystem":["Android TV","OpenVPN-compatible routers"],"url":"https:\/\/freevpnplanet.com\/es\/vpn-android-tv\/"}],"review":[{"@type":"Review","author":{"@type":"Organization","name":"SafetyDetectives","url":"https:\/\/www.safetydetectives.com\/"},"reviewBody":"Planet VPN shines in a couple of categories. It supports torrenting and offers robust security features along with a transparent no-logs policy. Plus, its streaming capabilities and speeds have improved thanks to its new StarGuard protocol. On top of that, its free version has no traffic, bandwidth, or time limits, which is uncommon among most VPNs."},{"@type":"Review","author":{"@type":"Organization","name":"VPNOverview","url":"https:\/\/vpnoverview.com\/"},"reviewBody":"I'm pleased with Planet VPN's transparency and no-logs policy. It does a great job at keeping users secured online. It also has a good server network and is quite user-friendly."},{"@type":"Review","author":{"@type":"Organization","name":"vpnMentor","url":"https:\/\/www.vpnmentor.com\/"},"reviewBody":"It includes industry-standard VPN security features like 256-bit encryption, a kill switch, a strict no-logs policy, and protection and DNS and WebRTC leaks. Planet VPN has an intuitive dashboard that is easy to navigate and allows 10 simultaneous connections."}],"@id":"https:\/\/freevpnplanet.com\/es\/#softwareapplication","aggregateRating":{"@type":"AggregateRating","ratingValue":"4.6","bestRating":"5","ratingCount":"1960000"}},{"@type":"Organization","@id":"https:\/\/freevpnplanet.com\/es\/#organization","url":"https:\/\/freevpnplanet.com\/es","name":"Planet VPN \ud83d\udee1\ufe0f\ud83c\udf10 Free VPN","alternateName":["Free VPN Planet","Planet VPN"],"legalName":"FREE VPN PLANET S.R.L","slogan":"Free VPN for Fast, Private and Unlimited Browsing","description":"Planet VPN \u2014 a privacy-first VPN service operated by FREE VPN PLANET S.R.L from Bucharest, Romania. Free unlimited browsing across 6 locations, premium access to 1,260+ servers in 60+ countries.","logo":{"@type":"ImageObject","url":"https:\/\/freevpnplanet.com\/es\/wp-content\/themes\/planetvpn\/assets\/images\/footer\/footer-logo.svg","caption":"Planet VPN logo"},"image":"https:\/\/freevpnplanet.com\/es\/wp-content\/themes\/planetvpn\/assets\/images\/footer\/footer-logo.svg","identifier":{"@type":"PropertyValue","propertyID":"Romanian Trade Register Number","value":"44667783"},"address":{"@type":"PostalAddress","streetAddress":"Hermes Business Campus, Bulevardul Dimitrie Pompeiu 5-7, Sectorul 2","addressLocality":"Bucharest","postalCode":"020335","addressCountry":"RO"},"contactPoint":[{"@type":"ContactPoint","contactType":"customer support","url":"https:\/\/freevpnplanet.com\/es\/contact-us\/","availableLanguage":["ar","cs","de","en","es","fa","fr","id","it","ja","ko","nl","pl","pt","ro","ru","sv","th","tl","tr","uk"]}],"sameAs":["https:\/\/t.me\/FreeVPNPlanet","https:\/\/www.facebook.com\/Free-VPN-Planet-100227692706840","https:\/\/x.com\/PlanetVPNfree","https:\/\/www.youtube.com\/@planetvpn-FreeVPN","https:\/\/www.instagram.com\/planetvpn\/","https:\/\/pinterest.com\/planetvpn","https:\/\/www.tiktok.com\/@planetvpn","https:\/\/play.google.com\/store\/apps\/details?id=com.freevpnplanet","https:\/\/apps.apple.com\/us\/app\/planet-free-vpn-super-proxy\/id1410235921","https:\/\/apps.microsoft.com\/detail\/9p15s8pwmq8c","https:\/\/chromewebstore.google.com\/detail\/free-vpn-for-chrome-ad-bl\/hipncndjamdcmphkgngojegjblibadbe","https:\/\/www.trustpilot.com\/review\/freevpnplanet.com","https:\/\/planet-vpn.en.softonic.com\/","https:\/\/planet-vpn.en.uptodown.com\/android"],"knowsAbout":["Virtual Private Network","Encryption","256-bit encryption","OpenVPN","IKEv2","Tunneling protocols","Internet privacy","Network security","Computer security","Anonymity","DNS leak protection","WebRTC leak protection","Kill switch","Split tunneling","Double VPN","Geo-blocking","Censorship circumvention","Public Wi-Fi security","P2P","BitTorrent","Streaming","Online gaming","IP address","Proxy server"]}]}},"acf":[],"_links":{"self":[{"href":"https:\/\/freevpnplanet.com\/es\/wp-json\/wp\/v2\/post\/18791","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/freevpnplanet.com\/es\/wp-json\/wp\/v2\/post"}],"about":[{"href":"https:\/\/freevpnplanet.com\/es\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/freevpnplanet.com\/es\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/freevpnplanet.com\/es\/wp-json\/wp\/v2\/comments?post=18791"}],"version-history":[{"count":0,"href":"https:\/\/freevpnplanet.com\/es\/wp-json\/wp\/v2\/post\/18791\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/freevpnplanet.com\/es\/wp-json\/wp\/v2\/media\/3510"}],"wp:attachment":[{"href":"https:\/\/freevpnplanet.com\/es\/wp-json\/wp\/v2\/media?parent=18791"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/freevpnplanet.com\/es\/wp-json\/wp\/v2\/categories?post=18791"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/freevpnplanet.com\/es\/wp-json\/wp\/v2\/tags?post=18791"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}