VYPR

Mang Board

by Mangboard

Source repositories

CVEs (3)

  • CVE-2021-26644HigJan 20, 2023
    risk 0.57cvss 8.8epss 0.01

    SQL-Injection vulnerability caused by the lack of verification of input values for the table name of DB used by the Mangboard bulletin board. A remote attacker can use this vulnerability to execute arbitrary code on the server where the bulletin board is running.

  • CVE-2025-12193MedNov 8, 2025
    risk 0.40cvss 6.1epss 0.00

    The Mang Board WP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'mp' parameter in all versions up to, and including, 2.3.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject…

  • CVE-2024-22306MedJan 31, 2024
    risk 0.38cvss 5.9epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hometory Mang Board WP allows Stored XSS.This issue affects Mang Board WP: from n/a through 1.7.7.