Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
0xb9 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-244881
WordPress Post Grid plugin version 2.1.1 suffers from a cross site scripting vulnerability.
6.1
CVSSv3
CVE-2019-9650
An XSS issue exists in upcoming_events.php in the Upcoming Events plugin prior to 1.33 for MyBB via a crafted name for an event.
Upcoming Events Project Upcoming Events
1 EDB exploit
6.1
CVSSv3
CVE-2022-28354
In the Active Threads Plugin 1.3.0 for MyBB, the activethreads.php date parameter is vulnerable to XSS when setting a time period.
Mybb Active Threads 1.3.0
6.5
CVSSv3
CVE-2018-17996
LayerBB prior to 1.1.3 allows CSRF for adding a user via admin/new_user.php, deleting a user via admin/members.php/delete_user/, and deleting content via mod/delete.php/.
Layerbb Layerbb 1.1.2
1 EDB exploit
6.5
CVSSv3
CVE-2018-11502
An issue exists in the Moderator Log Notes plugin 1.1 for MyBB. It allows moderators to save notes and display them in a list in the modCP. An attacker can remotely delete all mod notes and mod note logs in the modCP and ACP via CSRF.
Moderator Log Notes Project Moderator Log Notes 1.1
1 EDB exploit
NA
CVE-2019-69791
MyBB IP History Logs plugin version 1.0.2 suffers from a cross site scripting vulnerability.
4.8
CVSSv3
CVE-2019-3501
The OUGC Awards plugin prior to 1.8.19 for MyBB allows XSS via a crafted award reason that is mishandled on the awards page or in a user profile.
Ougc Awards Project Ougc Awards
1 EDB exploit
6.1
CVSSv3
CVE-2022-28353
In the External Redirect Warning Plugin 1.3 for MyBB, the redirect URL (aka external.php?url=) is vulnerable to XSS.
External Redirect Warning Project External Redirect Warning 1.3
5.4
CVSSv3
CVE-2023-27890
The Export User plugin up to and including 2.0 for MyBB allows XSS during the process of an admin generating DSGVO data for a user, via the Custom User Title, Location, or Bio field. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Export User Project Export User
NA
CVE-2018-145751
MyBB Trash Bin plugin version 1.1.3 suffers from cross site request forgery and cross site scripting vulnerabilities.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
CVE-2023-52162
CVE-2024-23670
CVE-2024-5404
man-in-the-middle
CVE-2024-5214
CVE-2024-4358
CVE-2024-20696
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »