VYPR

Amministrazione Trasparente

by WordPress

Source repositories

CVEs (3)

  • CVE-2023-45758MedOct 25, 2023
    risk 0.38cvss 5.9epss 0.00

    Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marco Milesi Amministrazione Trasparente plugin <= 8.0.2 versions.

  • CVE-2025-5083MedAug 31, 2025
    risk 0.29cvss 5.5epss 0.00

    The Amministrazione Trasparente plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 9.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with…

  • CVE-2021-4398MedJul 1, 2023
    risk 0.28cvss 4.3epss 0.00

    The Amministrazione Trasparente plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 7.1. This is due to missing or incorrect nonce validation on the at_save_aturl_meta() function. This makes it possible for unauthenticated…