Vulnerabilities > Marcorulicke

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-16	CVE-2022-1618	Cross-Site Request Forgery (CSRF) vulnerability in Marcorulicke Coru Lfmember 1.0.2 The Coru LFMember WordPress plugin through 1.0.2 does not have CSRF check in place when adding a new game, and is lacking sanitisation as well as escaping in their settings, allowing attacker to make a logged in admin add an arbitrary game with XSS payloads network low complexity marcorulicke CWE-352	6.1

Vulnerabilities > Marcorulicke {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Marcorulicke"}]}