2 matches found
CVE-2021-4398
The Amministrazione Trasparente plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 7.1. This is due to missing or incorrect nonce validation on the atsaveaturlmeta function. This makes it possible for unauthenticated attackers to update meta data vi...
PT-2023-12510 · WordPress · Amministrazione Trasparente
Name of the Vulnerable Software and Affected Versions: Amministrazione Trasparente plugin for WordPress versions up to, and including, 7.1 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the at save aturl meta function. This allows...