Description
MyBB (aka MyBulletinBoard) before 1.4.12 does not properly handle a configuration with a visible forum that contains hidden threads, which allows remote attackers to obtain sensitive information by reading the Latest Threads block of the Portal Page.
Remediation
References
Related Vulnerabilities
WordPress Plugin Newsletter-Send awesome emails from WordPress Cross-Site Scripting (4.6.0)
WordPress Plugin YITH WooCommerce Multi Vendor Cross-Site Scripting (3.8.0)
WordPress Improper Authentication Vulnerability (CVE-2009-2334)
Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-8151)