Filtered by vendor Mybb
Subscriptions
Filtered by product Mybb Downloads Plugin
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-25248 | 1 Mybb | 2 Mybb, Mybb Downloads Plugin | 2026-04-06 | 7.2 High |
| MyBB Downloads Plugin 2.0.3 contains a persistent cross-site scripting vulnerability that allows regular members to inject malicious scripts through the download title field. Attackers can submit a new download with HTML/JavaScript code in the title parameter, which executes when administrators validate the download in downloads.php. | ||||
Page 1 of 1.