CVE-2018-25250

MyBB Last User's Threads in Profile Plugin 1.2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts by crafting thread subjects with script tags. Attackers can create threads with script payloads in the subject field that execute when users visit the attacker's profile page.

CVSS v3 7.2 HIGH

7.2^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://community.mybb.com/mods.php?action=view&pid=910	Permissions Required Product
https://www.exploit-db.com/exploits/44339	Exploit VDB Entry
https://www.vulncheck.com/advisories/mybb-last-user-s-threads-in-profile-plugin-persistent-xss	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:mybb:last_user_threads:*:*:*:*:*:mybb:*:*

History

20 Apr 2026, 14:31

Type	Values Removed	Values Added
First Time		Mybb last User Threads Mybb
CPE		cpe:2.3:a:mybb:last_user_threads::::::mybb::*
References	~~() https://community.mybb.com/mods.php?action=view&pid=910 -~~	() https://community.mybb.com/mods.php?action=view&pid=910 - Permissions Required, Product
References	~~() https://www.exploit-db.com/exploits/44339 -~~	() https://www.exploit-db.com/exploits/44339 - Exploit, VDB Entry
References	~~() https://www.vulncheck.com/advisories/mybb-last-user-s-threads-in-profile-plugin-persistent-xss -~~	() https://www.vulncheck.com/advisories/mybb-last-user-s-threads-in-profile-plugin-persistent-xss - Third Party Advisory

04 Apr 2026, 14:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-04-04 14:16

Updated : 2026-04-20 14:31

NVD link : CVE-2018-25250

Mitre link : CVE-2018-25250

CVE.ORG link : CVE-2018-25250

JSON object : View

Products Affected

mybb

last_user_threads

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2018-25250", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}], "cvssMetricV40": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.1, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-04-04T14:16:21.033", "references": [{"url": "https://community.mybb.com/mods.php?action=view&pid=910", "tags": ["Permissions Required", "Product"], "source": "disclosure@vulncheck.com"}, {"url": "https://www.exploit-db.com/exploits/44339", "tags": ["Exploit", "VDB Entry"], "source": "disclosure@vulncheck.com"}, {"url": "https://www.vulncheck.com/advisories/mybb-last-user-s-threads-in-profile-plugin-persistent-xss", "tags": ["Third Party Advisory"], "source": "disclosure@vulncheck.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "disclosure@vulncheck.com", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "MyBB Last User's Threads in Profile Plugin 1.2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts by crafting thread subjects with script tags. Attackers can create threads with script payloads in the subject field that execute when users visit the attacker's profile page."}], "lastModified": "2026-04-20T14:31:19.173", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mybb:last_user_threads:*:*:*:*:*:mybb:*:*", "vulnerable": true, "matchCriteriaId": "CC9E2673-C62D-42E1-A807-70520B2EB458", "versionEndIncluding": "1.2"}], "operator": "OR"}]}], "sourceIdentifier": "disclosure@vulncheck.com"}