Amministrazione Trasparente Security & Risk Analysis

wordpress.org/plugins/amministrazione-trasparente

Complete plugin for document management of Amministrazione Trasparente in public administrations (D.lgs. 33/2013)

1K active installs · v9.1 · PHP + · WP 4.2+ · Updated Aug 29, 2025
amministrazione aperta atti documenti trasparente
Score: 97
A · Safe
CVEs total: 3
Unpatched: 0
Last CVE: Aug 30, 2025
Safety Verdict

Is Amministrazione Trasparente Safe to Use in 2026?

Generally Safe

Score 97/100

Amministrazione Trasparente has a strong security track record. Known vulnerabilities have been patched promptly.

3 known CVEs · Last CVE: Aug 30, 2025 · Updated 7mo ago
Risk Assessment

The "amministrazione-trasparente" plugin version 9.1 exhibits a mixed security posture. On the positive side, the static analysis reveals good practices such as the absence of dangerous functions, the use of prepared statements for all SQL queries, and a decent proportion of properly escaped output. The plugin also incorporates at least one nonce check and one capability check, which are crucial for preventing common web vulnerabilities.

However, concerns arise from the taint analysis, which identified one flow with an unsanitized path. While classified as not critical or high severity, this indicates a potential weakness where user-supplied data might be processed in an insecure manner, potentially leading to vulnerabilities if exploited. Furthermore, the plugin's history of three medium-severity CVEs, primarily involving Cross-site Scripting and Cross-Site Request Forgery, is a significant concern. The fact that the last vulnerability was very recent (2025-08-30) suggests a pattern of introducing exploitable flaws, even if they are consistently patched.

In conclusion, while the plugin demonstrates some strong security fundamentals, the presence of an unsanitized path in taint analysis and its history of medium-severity vulnerabilities necessitate careful attention. The plugin is not inherently insecure, but the recurring nature of past issues and the identified taint flow indicate areas that require diligent monitoring and potential further hardening to mitigate ongoing risks.

Key Concerns

  • Taint flow with unsanitized path
  • History of 3 medium severity CVEs
  • 82% of outputs properly escaped (implies 18% not)
Vulnerabilities
3

Amministrazione Trasparente Security Vulnerabilities

CVEs by Year

  • 1 CVE in 2021
  • 1 CVE in 2023
  • 1 CVE in 2025

Severity Breakdown

Medium: 3

3 total CVEs

CVE-2025-5083 · medium · 5.5 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Amministrazione Trasparente <= 9.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via print_r Function

Aug 30, 2025 · Patched in 9.1 (1d)

CVE-2023-45758 · medium · 4.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Amministrazione Trasparente <= 8.0.2 - Authenticated (Administrator+) Stored Cross-Site Scripting

Oct 12, 2023 · Patched in 8.0.5 (103d)

CVE-2021-4398 · medium · 4.3 · Cross-Site Request Forgery (CSRF)

Amministrazione Trasparente <= 7.1 - Cross-Site Request Forgery Bypass

Jul 5, 2021 · Patched in 7.1.1 (932d)

Code Analysis
Analyzed Mar 16, 2026

Amministrazione Trasparente Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 34 (158 escaped)
Nonce Checks: 1
Capability Checks: 1
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

82% escaped · 192 total outputs

Data Flows: 1 unsanitized

Data Flow Analysis

2 flows · 1 with unsanitized paths
<amministrazionetrasparente> (amministrazionetrasparente.php:0)
Attack Surface

Amministrazione Trasparente Attack Surface

Entry Points: 7
Unprotected: 0

Shortcodes 7

[at-head] amministrazionetrasparente.php:191
[at-desc] amministrazionetrasparente.php:198
[at-table] amministrazionetrasparente.php:205
[at-list] amministrazionetrasparente.php:212
[at-sezioni] amministrazionetrasparente.php:219
[at-search] amministrazionetrasparente.php:231
[amministrazione-trasparente] gutenberg.php:8
WordPress Hooks 30
action init amministrazionetrasparente.php:13
action init amministrazionetrasparente.php:53
action admin_head-edit-tags.php amministrazionetrasparente.php:183
action admin_head-term.php amministrazionetrasparente.php:184
action admin_head-post.php amministrazionetrasparente.php:185
action admin_head-post-new.php amministrazionetrasparente.php:186
filter template_include amministrazionetrasparente.php:261
action admin_enqueue_scripts amministrazionetrasparente.php:264
action restrict_manage_posts amministrazionetrasparente.php:269
action admin_init amministrazionetrasparente.php:289
action admin_enqueue_scripts amministrazionetrasparente.php:312
action admin_menu amministrazionetrasparente.php:319
action admin_enqueue_scripts amministrazionetrasparente.php:351
action pre_get_posts amministrazionetrasparente.php:381
filter dci_get_breadcrumb_items amministrazionetrasparente.php:402
filter get_the_archive_title amministrazionetrasparente.php:442
action admin_notices amministrazionetrasparente.php:453
action admin_notices backend.php:4
action manage_amm-trasparente_posts_columns backend.php:5
action manage_amm-trasparente_posts_custom_column backend.php:6
action manage_edit-amm-trasparente_sortable_columns backend.php:7
action init gutenberg.php:6
action wp_enqueue_scripts gutenberg.php:7
action add_meta_boxes redirector.php:3
action save_post redirector.php:49
action template_redirect redirector.php:58
filter page_link redirector.php:70
filter post_link redirector.php:71
filter get_sample_permalink_html redirector.php:113
action widgets_init widget\widget.php:106
Maintenance & Trust

Amministrazione Trasparente Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Aug 29, 2025
PHP min version
Downloads: 70K

Community Trust

Rating: 98/100
Number of ratings: 25
Active installs: 1K
Developer Profile

Amministrazione Trasparente Developer Profile

Marco Milesi

13 plugins · 13K total installs

Trust score: 77
Avg Security Score: 97/100
Avg Patch Time: 280 days
Detection Fingerprints

How We Detect Amministrazione Trasparente

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/amministrazione-trasparente/css/at-custom.css
/wp-content/plugins/amministrazione-trasparente/css/at-style.css
/wp-content/plugins/amministrazione-trasparente/css/datatable/dataTables.bootstrap.min.css
/wp-content/plugins/amministrazione-trasparente/css/datatable/datatables.min.css
/wp-content/plugins/amministrazione-trasparente/js/at-functions.js
/wp-content/plugins/amministrazione-trasparente/js/datatable/dataTables.bootstrap.min.js
/wp-content/plugins/amministrazione-trasparente/js/datatable/dataTables.min.js
Script Paths
/wp-content/plugins/amministrazione-trasparente/js/at-functions.js
/wp-content/plugins/amministrazione-trasparente/js/datatable/dataTables.min.js
/wp-content/plugins/amministrazione-trasparente/js/datatable/dataTables.bootstrap.min.js

HTML / DOM Fingerprints

CSS Classes
at-content
at-table-wrapper
HTML Comments
=========== SHORTCODES [at-head] & [at-desc] & [at-table] & [at-list] ===========
Data Attributes
data-at-id
JS Globals
at_options
REST Endpoints
/wp-json/amministrazione-trasparente/v1/config
Shortcode Output
[at-head] [at-desc] [at-table] [at-list]