Vulnerabilities > Latest Posts ON Profile Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-11 | CVE-2018-10580 | Cross-site Scripting vulnerability in Latest Posts ON Profile Project Latest Posts ON Profile 1.1 The "Latest Posts on Profile" plugin 1.1 for MyBB has XSS because there is an added section in a user profile that displays that user's most recent posts without sanitizing the tsubject (aka thread subject) field. | 3.5 |