CVE-2018-10580

Name of the Vulnerable Software and Affected Versions: MyBB "Latest Posts on Profile" plugin version 1.1

Description: The issue arises from the lack of sanitization in the tsubject field, which is used to display a user's most recent posts on their profile. This allows for XSS attacks.

Recommendations: For MyBB "Latest Posts on Profile" plugin version 1.1, consider disabling the plugin until a patch is available to prevent exploitation. As a temporary workaround, restrict access to the user profile section that displays recent posts to minimize the risk of XSS attacks.