← Back

Amministrazione Trasparente Project

amministrazione_trasparente_project

2 CVEs • 1 product

Products (1)

Click to collapse
Toggle

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Amministrazione Trasparente Project
1Amministrazione Trasparente
Jun 17, 2026
Oct 25, 2023
N/A· v4
4.8 MEDIUM· v3
N/A· v2
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marco Milesi Amministrazione Trasparente plugin <= 8.0.2 versions.
1Amministrazione Trasparente Project
1Amministrazione Trasparente
Jun 17, 2026
Jul 1, 2023
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The Amministrazione Trasparente plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 7.1. This is due to missing or incorrect nonce validation on the at_save_aturl_meta() fu...Show more
The Amministrazione Trasparente plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 7.1. This is due to missing or incorrect nonce validation on the at_save_aturl_meta() function. This makes it possible for unauthenticated attackers to update meta data via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.Show less