The Amministrazione Trasparente plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 9.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
Metrics
Affected Vendors & Products
References
History
Tue, 02 Sep 2025 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Amministrazione Trasparente Project
Amministrazione Trasparente Project amministrazione Trasparente Wordpress Wordpress wordpress |
|
Vendors & Products |
Amministrazione Trasparente Project
Amministrazione Trasparente Project amministrazione Trasparente Wordpress Wordpress wordpress |
Sun, 31 Aug 2025 04:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The Amministrazione Trasparente plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 9.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. | |
Title | Amministrazione Trasparente <= 9.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via print_r Function | |
Weaknesses | CWE-79 | |
References |
|
|
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: Wordfence
Published:
Updated: 2025-09-02T20:45:21.159Z
Reserved: 2025-05-22T08:46:01.922Z
Link: CVE-2025-5083

No data.

Status : Awaiting Analysis
Published: 2025-08-31T05:15:32.410
Modified: 2025-09-02T15:55:25.420
Link: CVE-2025-5083

No data.

Updated: 2025-09-02T15:23:25Z