Amministrazione Trasparente Project - Amministrazione Trasparente CVE - OpenCVE

Filtered by vendor Amministrazione Trasparente Project Subscriptions

Filtered by product Amministrazione Trasparente Subscriptions

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-45758	1 Amministrazione Trasparente Project	1 Amministrazione Trasparente	2024-09-10	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marco Milesi Amministrazione Trasparente plugin <= 8.0.2 versions.
CVE-2021-4398	1 Amministrazione Trasparente Project	1 Amministrazione Trasparente	2024-08-03	8.8 High
The Amministrazione Trasparente plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 7.1. This is due to missing or incorrect nonce validation on the at_save_aturl_meta() function. This makes it possible for unauthenticated attackers to update meta data via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

Page 1 of 1.