These submissions have been marked as vulnerable due to potential security issues with the plugin. This list contains the name of the plugin, the author and a short description regarding its vulnerability. Please bear in mind that the sole purpose of this page is to inform users to avoid these plugins and to help authors address these issues.

Vulnerable Submissions

Ban List

by Paul H. Version: 1.0 1659 Downloads 12-10-2018, 05:31 PM

Staff Notes:

Database output is not cleaned. Serpius reported a separate issue and I found this while looking at that. Simply needs to use htmlspecialchars_uni() on user info...

Recent Threads On Index

by dragonexpert Version: 17.0 6929 Downloads 12-03-2018, 02:22 AM

Staff Notes:

XSS vulnerable. unmarked 2018-09-21 ~dvz status changed to approved Vulnerability not fixed. // Take into account any ignored forums if($mybb->settings['recentthread_forumskip']) { $ignoreforums = " AND t.fid NOT IN(" . $mybb->settings['recentthread_forumskip'] . ") "; } -Omar 12-2-2018

Latest Posts on Profile

by fizz Version: 1.1 791 Downloads 05-12-2018, 03:21 PM

Staff Notes:

XSS Vulnerability.