CVE-2021-4398
The CVE concerns the WordPress Amministrazione Trasparente plugin (affected: version 7.1 and earlier) with a Cross-Site Request Forgery vulnerability caused by missing/incorrect nonce validation in the at_save_aturl_meta() function. This allows unauthenticated attackers to update meta data via a ...