Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

MyBB — Vulnerabilities & Security Advisories 16

Browse all 16 CVE security advisories affecting MyBB. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by MyBB:MyBBmyBB forumsMyBB Like PluginMyBB Downloads PluginMyBB Last User's Threads in Profile PluginMyBB My Arcade Plugin
CVE IDTitleCVSSSeverityPublished
CVE-2018-25250 MyBB Last User's Threads in Profile Plugin 1.2 Persistent XSS — MyBB Last User's Threads in Profile PluginCWE-79 7.2 High2026-04-04
CVE-2018-25249 MyBB My Arcade Plugin 1.3 Persistent XSS via Comment — MyBB My Arcade PluginCWE-79 6.4 Medium2026-04-04
CVE-2018-25248 MyBB Downloads Plugin 2.0.3 Persistent XSS via downloads.php — MyBB Downloads PluginCWE-79 7.2 High2026-04-04
CVE-2018-25247 MyBB Like Plugin 3.0.0 Cross-Site Scripting via User Profiles — MyBB Like PluginCWE-79 6.1 Medium2026-04-04
CVE-2023-53979 MyBB 1.8.32 Authenticated Remote Code Execution via Chained Vulnerabilities — MyBBCWE-22 8.8 High2025-12-22
CVE-2023-53978 myBB Forums 1.8.26 Stored Cross-Site Scripting via Forum Announcements — myBB forumsCWE-79 5.4 Medium2025-12-22
CVE-2023-53976 myBB Forums 1.8.26 Stored Cross-Site Scripting via Template Management — myBB forumsCWE-79 5.4 Medium2025-12-22
CVE-2023-53977 myBB Forums 1.8.26 Stored Cross-Site Scripting via Forum Management — myBB forumsCWE-79 5.4 Medium2025-12-22
CVE-2025-48941 MyBB may disclosure unviewable threads' titles in searches — mybbCWE-1230 5.3 Medium2025-06-02
CVE-2025-48940 MyBB's upgrade component vulnerable to local file inclusion — mybbCWE-22 7.2 High2025-06-02
CVE-2024-23335 Backups directory .htaccess deletion in. MyBB — mybbCWE-20 4.7 Medium2024-05-01
CVE-2024-23336 Incomplete disallowed remote addresses list in MyBB — mybbCWE-918 5.0 Medium2024-05-01
CVE-2023-46251 Visual editor persistent Cross-site Scripting (XSS) in MyBB — mybbCWE-79 7.5 High2023-11-06
CVE-2022-39265 Mail settings' command parameter injection in mybb — mybbCWE-74 7.2 High2022-10-06
CVE-2022-24734 Remote code execution in mybb — mybbCWE-94 7.2 High2022-03-09
CVE-2020-15139 XSS in MyBB — MyBBCWE-79 8.8 High2020-08-10

This page lists every published CVE security advisory associated with MyBB. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.