Cross-Site Request Forgery Vulnerability in Amministrazione Trasparente Plugin for WordPress
CVE-2021-4398
8.8HIGH
What is CVE-2021-4398?
The Amministrazione Trasparente plugin for WordPress has a vulnerability that permits Cross-Site Request Forgery due to inadequate nonce validation in the at_save_aturl_meta() function. This weakness potentially allows malicious actors to manipulate site administrators into executing unintended actions, thus granting unauthorized alterations to meta data without proper authentication.
Affected Version(s)
Amministrazione Trasparente * <= 7.1