mybb
Web & CMS Pluginsoss-project
Top products
Latest CVEs
The 15 most recently published vulnerabilities affecting mybb.
- CVE-2021-47934MyBB Timeline Plugin 1.0 Cross-Site Scripting and CSRF5.3
- CVE-2018-25309MyBB Recent threads 17.0 Persistent Cross-Site Scripting7.2
- CVE-2018-25250MyBB Last User's Threads in Profile Plugin 1.2 Persistent XSS7.2
- CVE-2018-25249MyBB My Arcade Plugin 1.3 Persistent XSS via Comment6.4
- CVE-2018-25248MyBB Downloads Plugin 2.0.3 Persistent XSS via downloads.php7.2
- CVE-2018-25247MyBB Like Plugin 3.0.0 Cross-Site Scripting via User Profiles6.1
- CVE-2023-53979MyBB 1.8.32 Authenticated Remote Code Execution via Chained Vulnerabilities8.8
- CVE-2023-53978myBB Forums 1.8.26 Stored Cross-Site Scripting via Forum Announcements5.4
- CVE-2023-53977myBB Forums 1.8.26 Stored Cross-Site Scripting via Forum Management5.4
- CVE-2023-53976myBB Forums 1.8.26 Stored Cross-Site Scripting via Template Management5.4
- CVE-2011-10018myBB 1.6.4 Backdoor Arbitrary Command Execution9.8
- CVE-2025-48941MyBB may disclosure unviewable threads' titles in searches5.3
- CVE-2025-48940MyBB's upgrade component vulnerable to local file inclusion7.2
- CVE-2025-29460An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Add Mycode function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators...7.6
- CVE-2025-29459An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Mail function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and b...7.6