Vulnerabilities > Latest Posts ON Profile Project > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2018-05-11	CVE-2018-10580	Cross-site Scripting vulnerability in Latest Posts ON Profile Project Latest Posts ON Profile 1.1 The "Latest Posts on Profile" plugin 1.1 for MyBB has XSS because there is an added section in a user profile that displays that user's most recent posts without sanitizing the tsubject (aka thread subject) field. network latest-posts-on-profile-project CWE-79	3.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.