Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mediawiki mediawiki vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-30153
An issue exists in the VisualEditor extension in MediaWiki prior to 1.31.13, and 1.32.x up to and including 1.35.x prior to 1.35.2. . When using VisualEditor to edit a MediaWiki user page belonging to an existing, but hidden, user, VisualEditor will disclose that the user exists....
Mediawiki Mediawiki
NA
CVE-2023-29139
An issue exists in the CheckUser extension for MediaWiki up to and including 1.39.3. When a user with checkuserlog permissions makes many CheckUserLog API requests in some configurations, denial of service can occur (RequestTimeoutException or upstream request timeout).
Mediawiki Mediawiki
NA
CVE-2023-29141
An issue exists in MediaWiki prior to 1.35.10, 1.36.x up to and including 1.38.x prior to 1.38.6, and 1.39.x prior to 1.39.3. An auto-block can occur for an untrusted X-Forwarded-For header.
Mediawiki Mediawiki
Fedoraproject Fedora 37
NA
CVE-2023-29137
An issue exists in the GrowthExperiments extension for MediaWiki up to and including 1.39.3. The UserImpactHandler for GrowthExperiments inadvertently returns the timezone preference for arbitrary users, which can be used to de-anonymize users.
Mediawiki Mediawiki
NA
CVE-2023-29140
An issue exists in the GrowthExperiments extension for MediaWiki up to and including 1.39.3. Attackers might be able to see edits for which the username has been hidden, because there is no check for rev_deleted.
Mediawiki Mediawiki
NA
CVE-2015-10073
A vulnerability, which was classified as problematic, was found in tinymighty WikiSEO 1.2.1 on MediaWiki. This affects the function modifyHTML of the file WikiSEO.body.php of the component Meta Property Tag Handler. The manipulation of the argument content leads to cross site scr...
Tinymighty Wikiseo 1.2.1
NA
CVE-2017-20175
A vulnerability classified as problematic has been found in DaSchTour matomo-mediawiki-extension up to 2.4.2 on MediaWiki. This affects an unknown part of the file Piwik.hooks.php of the component Username Handler. The manipulation leads to cross site scripting. It is possible to...
Mediawiki Matomo
NA
CVE-2023-24612
The PdfBook extension up to and including 2.0.5 before b07b6a64 for MediaWiki allows command injection via an option.
Pdfbook Project Pdfbook
NA
CVE-2022-39193
An issue exists in the CheckUser extension for MediaWiki up to and including 1.39.x. Various components of this extension can expose information on the performer of edits and logged actions. This information should not allow public viewing: it is supposed to be viewable only by u...
Mediawiki Mediawiki 1.39.0
Mediawiki Mediawiki 1.39.1
NA
CVE-2023-22910
An issue exists in MediaWiki prior to 1.35.9, 1.36.x up to and including 1.38.x prior to 1.38.5, and 1.39.x prior to 1.39.1. There is XSS in Wikibase date formatting via wikibase-time-precision-* fields. This allows JavaScript execution by staff/admin users who do not intentional...
Mediawiki Mediawiki
Mediawiki Mediawiki 1.39.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »