The Amministrazione Trasparente plugin for WordPress is not secure and can be hacked by attackers who have administrator-level permissions. This can happen because the plugin doesn’t check for harmful code before displaying it, making it possible for attackers to inject their own code into pages. This only affects multi-site installations and installations where unfiltered_html has been disabled.