CVE-2022-1618 in Coru LFMember Plugininfo

Zusammenfassung

von MITRE • 16.01.2024

The Coru LFMember WordPress plugin through 1.0.2 does not have CSRF check in place when adding a new game, and is lacking sanitisation as well as escaping in their settings, allowing attacker to make a logged in admin add an arbitrary game with XSS payloads

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservieren

07.05.2022

Veröffentlichung

16.01.2024

Moderieren

akzeptiert

Eintrag

VDB-250876

CPE

bereit

EPSS

0.00266

KEV

nein

Aktivitäten

very low

Quellen

Do you need the next level of professionalism?

Upgrade your account now!