Live Scores for SportsPress Security & Risk Analysis

wordpress.org/plugins/live-scores-for-sportspress

Add Live Scores feature to SportsPress. Give your visitors the ability to view the results without refreshing your page.

200 active installs · v1.9.2 · PHP 5.6+ · WP 4.0+ · Updated Apr 17, 2022
livesportspress
84
B · Generally Safe
CVEs total: 2
Unpatched: 0
Last CVE: Aug 24, 2021
Safety Verdict

Is Live Scores for SportsPress Safe to Use in 2026?

Mostly Safe

Score 84/100

Live Scores for SportsPress is generally safe to use though it hasn't been updated recently. 2 past CVEs were resolved. Keep it updated.

2 known CVEs · Last CVE: Aug 24, 2021 · Updated 3yr ago
Risk Assessment

The 'live-scores-for-sportspress' plugin v1.9.2 exhibits a concerning security posture due to several factors. While it has a moderate number of entry points, the presence of three unprotected AJAX handlers significantly increases the attack surface. The static analysis also reveals a complete lack of prepared statements for SQL queries, which is a critical vulnerability that can lead to SQL injection. Furthermore, a low percentage of properly escaped output suggests a high risk of Cross-Site Scripting (XSS) vulnerabilities. The vulnerability history, including two past CVEs (one high and one medium severity), reinforces these concerns, highlighting a pattern of 'PHP Remote File Inclusion' and 'Cross-site Scripting' which are serious security flaws. Although there are no currently unpatched vulnerabilities and the taint analysis did not reveal critical or high severity flows, the combination of unprotected entry points, unescaped output, raw SQL queries, and historical vulnerabilities indicates a need for significant improvement in the plugin's security practices.

Key Concerns

  • Unprotected AJAX handlers (3)
  • 0% SQL prepared statements
  • Low output escaping (24%)
  • 1 High severity CVE (past)
  • 1 Medium severity CVE (past)
  • Bundled outdated Freemius v1.0
Vulnerabilities
2

Live Scores for SportsPress Security Vulnerabilities

CVEs by Year

2 CVEs in 2021

Severity Breakdown

High: 1
Medium: 1

2 total CVEs

WF-002c6fea-4b76-47a6-9a39-1195f18aa6f6-live-scores-for-sportspress · high · 7.2 · Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

Live Scores for SportsPress <= 1.9.0 - Authenticated (Admin+) Local File Inclusion

Aug 24, 2021 Patched in 1.9.1 (882d)
WF-6b4087e9-071c-4cfc-b23d-ae8dd0059a2b-live-scores-for-sportspress · medium · 6.1 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Live Scores for SportsPress <= 1.9.0 - Reflected Cross-Site Scripting

Aug 24, 2021 Patched in 1.9.1 (882d)
Code Analysis
Analyzed Mar 16, 2026

Live Scores for SportsPress Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 2 (0 prepared)
Unescaped Output: 261 (81 escaped)
Nonce Checks: 15
Capability Checks: 1
File Operations: 0
External Requests: 5
Bundled Libraries: 2

Bundled Libraries

Select2, Freemius 1.0

SQL Query Safety

0% prepared · 2 total queries

Output Escaping

24% escaped · 342 total outputs
Data Flows
4 unsanitized

Data Flow Analysis

7 flows · 4 with unsanitized paths
filters (includes\admin\class-lsfs-admin-events.php:23)
Attack Surface
3 unprotected

Live Scores for SportsPress Attack Surface

Entry Points: 11
Unprotected: 3

AJAX Handlers 10

auth · wp_ajax_admin_lsfs_ajax_live_start · includes\admin\class-lsfs-admin-ajax.php:19
auth · wp_ajax_admin_lsfs_ajax_live_end · includes\admin\class-lsfs-admin-ajax.php:20
auth · wp_ajax_admin_lsfs_ajax_live_pause · includes\admin\class-lsfs-admin-ajax.php:21
auth · wp_ajax_admin_lsfs_ajax_live_update · includes\admin\class-lsfs-admin-ajax.php:22
auth · wp_ajax_admin_lsfs_ajax_live_save · includes\admin\class-lsfs-admin-ajax.php:23
auth · wp_ajax_admin_lsfs_ajax_add_scorer · includes\admin\class-lsfs-admin-ajax.php:24
auth · wp_ajax_admin_lsfs_ajax_remove_scorer · includes\admin\class-lsfs-admin-ajax.php:25
auth · wp_ajax_admin_lsfs_activate_integration · includes\admin\class-lsfs-admin-ajax.php:27
auth · wp_ajax_admin_lsfs_deactivate_integration · includes\admin\class-lsfs-admin-ajax.php:28
auth · wp_ajax_admin_lsfs_save_live_part · includes\admin\class-lsfs-admin-ajax.php:30

Shortcodes 1

[live_scorespro_free] includes\integrations\class-lsfs-scorespro-free.php:36
WordPress Hooks 36

action · integration_save · includes\abstracts\class-lsfs-integration.php:49
filter · lsfs_get_live_parts · includes\admin\class-lsfs-admin-ajax.php:102
filter · sportspress_config_page · includes\admin\class-lsfs-admin-config.php:14
action · restrict_manage_posts · includes\admin\class-lsfs-admin-events.php:14
filter · parse_query · includes\admin\class-lsfs-admin-events.php:15
filter · admin_menu · includes\admin\class-lsfs-admin-menus.php:14
filter · admin_menu · includes\admin\class-lsfs-admin-menus.php:15
action · sportspress_settings_start · includes\admin\class-lsfs-admin-menus.php:16
filter · sportspress_settings_tabs_array · includes\admin\class-lsfs-admin-settings.php:15
filter · sportspress_get_settings_pages · includes\admin\class-lsfs-admin-settings.php:16
action · init · includes\admin\class-lsfs-admin.php:14
action · admin_enqueue_scripts · includes\admin\class-lsfs-admin.php:15
action · sportspress_meta_box_performance_details · includes\admin\post-types\class-lsfs-performance.php:18
action · sportspress_process_sp_performance_meta · includes\admin\post-types\class-lsfs-performance.php:20
filter · sportspress_settings_tabs_array · includes\admin\settings\class-lsfs-settings-live.php:28
action · sportspress_admin_field_delimiter · includes\admin\settings\class-lsfs-settings-live.php:30
action · sportspress_admin_field_event_layout · includes\admin\settings\class-lsfs-settings-live.php:31
action · sportspress_admin_field_event_tabs · includes\admin\settings\class-lsfs-settings-live.php:32
action · wp_enqueue_scripts · includes\class-lsfs-frontend-scripts.php:19
filter · lsfs_get_live_parts · includes\class-lsfs-live-ajax.php:572
action · init · includes\class-lsfs-post-types.php:24
filter · sportspress_config_types · includes\class-lsfs-post-types.php:25
filter · sportspress_post_types · includes\class-lsfs-post-types.php:26
filter · sportspress_meta_boxes · includes\class-lsfs-post-types.php:27
filter · sportspress_after_event_template · includes\class-lsfs-post-types.php:28
filter · sportspress_locate_template · includes\class-lsfs-templating.php:13
action · sportspress_widgets · includes\class-lsfs-widgets.php:18
filter · lsfs_integrations · includes\integrations\class-lsfs-notifications.php:63
action · lsfs_ajax_event_results · includes\integrations\class-lsfs-scorespro-free.php:37
filter · lsfs_integrations · includes\integrations\class-lsfs-scorespro-free.php:659
filter · lsfs_live_event_list_main_results · includes\lsfs-live-functions.php:11
action · init · live-scores-for-sportspress.php:128
action · init · live-scores-for-sportspress.php:130
action · init · live-scores-for-sportspress.php:131
action · plugins_loaded · live-scores-for-sportspress.php:134
action · sportspress_loaded · live-scores-for-sportspress.php:309
Maintenance & Trust

Live Scores for SportsPress Maintenance & Trust

Maintenance Signals

WordPress version tested: 5.9.13
Last updated: Apr 17, 2022
PHP min version: 5.6
Downloads: 25K

Community Trust

Rating: 86/100
Number of ratings: 3
Active installs: 200
Developer Profile

Live Scores for SportsPress Developer Profile

Igor Benic

12 plugins · 2K total installs

Trust score: 68
Avg Security Score: 84/100
Avg Patch Time: 479 days
Detection Fingerprints

How We Detect Live Scores for SportsPress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/live-scores-for-sportspress/css/lsfs-style.css
/wp-content/plugins/live-scores-for-sportspress/css/lsfs-live-style.css
/wp-content/plugins/live-scores-for-sportspress/js/lsfs-live-scores.js
Script Paths
/wp-content/plugins/live-scores-for-sportspress/js/lsfs-live-scores.js
Version Parameters
live-scores-for-sportspress/css/lsfs-style.css?ver=
live-scores-for-sportspress/css/lsfs-live-style.css?ver=
live-scores-for-sportspress/js/lsfs-live-scores.js?ver=

HTML / DOM Fingerprints

CSS Classes
lsfs-live-scores-wrap
lsfs-live-scores-match
lsfs-live-scores-match-score
HTML Comments
<!-- Live Scores for SportsPress v1.9.2 -->
<!-- Live Scores for SportsPress -->
Data Attributes
data-lsfs-match-id
data-lsfs-team-id
JS Globals
LSFS_LIVE_SCORES_AJAX_URL
REST Endpoints
/wp-json/lsfs/v1/live_scores
Shortcode Output
[lsfs_live_scores]