CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Mybb: >> My Arcade >> 1.3 Security Vulnerabilities

CVE-2018-25249

MyBB My Arcade Plugin 1.3 contains a persistent cross-site scripting vulnerability that allows authenticated users to inject malicious scripts through arcade game score comments. Attackers can add crafted HTML and JavaScript payloads in the comment field that execute when other users view or edit the comment.

CVSS Score

6.4

EPSS Score

0.0

Published

2026-04-04

Page 1

Vulnerabilities

Vulnerable Software

Mybb: >> My Arcade >> 1.3 Security Vulnerabilities

Products

Pricing

Contact Us