We’d like to inform you that two security holes were found in two plugins which are very common on multiple MyBB forums out there. The affected plugins are the following:
[ SEO ] Simple Tag Cloud Plugin (Tags) by Watt
FBConnect (not available on our Mods site) by Nayar
The first was unapproved and a PM was sent to the plugin author and until the author fixes the issue it will remain unapproved on the Mods site.
The second has been updated already and the issue has been fixed. If you’re looking for the fixed version, it is available on the author’s website as well as on the MyBB community forums here.
We strongly advise you to remove the first plugin entirely from your forum and either remove the second one or install the fixed version.
We also recommend you to do the necessary searching for any data that may have been compromised.
On a side note, numerous “exploiting scripts” have been spreading throughout the internet which refer to these two vulnerabilities as if they were vulnerabilities in MyBB itself and that is not true.