Mybb: >> Thankyou/like System Security Vulnerabilities
MyBB Like Plugin 3.0.0 contains a stored cross-site scripting vulnerability. Authenticated attackers can inject script payloads into post or thread subjects; when other users view a profile that displays the attacker's liked posts, the unsanitized subject is rendered, executing the script in the viewer's browser.
CVSS Score
5.1
EPSS Score
0.0
Published
2026-04-04