Description Cross-site Scripting vulnerability in MyBB before 1.8.26 via Custom moderator tools. Remediation References CVE-2021-27949 Related Vulnerabilities WordPress Plugin Show-Hide/Collapse-Expand Cross-Site Scripting (1.2.5) WordPress Plugin Ultimate WP Query Search Filter Cross-Site Scripting (1.0.10) WordPress Plugin Portfolio for Elementor, Image Gallery & Post Grid-PowerFolio Unspecified Vulnerability (2.3.1) PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-1283) WordPress Plugin Calendar by WD-Responsive Event Calendar for WordPress SQL Injection (1.5.51) Severity Medium Classification CVE-2021-27949 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Tags Missing Update Known Vulnerabilities