Marcorulicke

marcorulicke

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Coru Lfmember

coru_lfmember

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-1618 1Marcorulicke 1Coru Lfmember Jun 17, 2026 Jan 16, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 The Coru LFMember WordPress plugin through 1.0.2 does not have CSRF check in place when adding a new game, and is lacking sanitisation as well as escaping in their settings, allowing attacker to make a logged in admin ad...Show more The Coru LFMember WordPress plugin through 1.0.2 does not have CSRF check in place when adding a new game, and is lacking sanitisation as well as escaping in their settings, allowing attacker to make a logged in admin add an arbitrary game with XSS payloadsShow less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2022-1618

1Marcorulicke

1Coru Lfmember

Jun 17, 2026

Jan 16, 2024

N/A· v4

6.1 MEDIUM· v3

N/A· v2

The Coru LFMember WordPress plugin through 1.0.2 does not have CSRF check in place when adding a new game, and is lacking sanitisation as well as escaping in their settings, allowing attacker to make a logged in admin ad...Show more