ReportizFlow
Filtered by vendor Mediawiki
Subscriptions
Total
481 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-61634 | 2 Mediawiki, Wikimedia | 2 Mediawiki, Mediawiki | 2026-03-17 | 3.1 Low |
| Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Rest/Handler/PageHTMLHandler.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1. | ||||
| CVE-2025-61636 | 2 Mediawiki, Wikimedia | 2 Mediawiki, Mediawiki | 2026-03-16 | 4.8 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLButtonField.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1. | ||||
| CVE-2025-61637 | 2 Mediawiki, Wikimedia | 2 Mediawiki, Mediawiki | 2026-03-16 | 4.8 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Action/mediawiki.Action.Edit.Preview.Js, resources/src/mediawiki.Page.Preview.Js. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1. | ||||
| CVE-2025-61638 | 2 Mediawiki, Wikimedia | 2 Mediawiki, Parsoid | 2026-03-16 | 4.8 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Parsoid. This vulnerability is associated with program files includes/parser/Sanitizer.Php, src/Core/Sanitizer.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1; Parsoid: from * before 0.16.6, 0.20.4, 0.21.1. | ||||
| CVE-2025-61639 | 2 Mediawiki, Wikimedia | 2 Mediawiki, Mediawiki | 2026-03-16 | 4.8 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/ManualLogEntry.Php, includes/recentchanges/RecentChangeFactory.Php, includes/recentchanges/RecentChangeStore.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1. | ||||
| CVE-2025-61640 | 2 Mediawiki, Wikimedia | 2 Mediawiki, Mediawiki | 2026-03-16 | 4.8 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Rcfilters/ui/RclToOrFromWidget.Js. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1. | ||||
| CVE-2025-61645 | 2 Mediawiki, Wikimedia | 2 Mediawiki, Mediawiki | 2026-03-06 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/pager/CodexTablePager.Php. This issue affects MediaWiki: from * before 1.44.1. | ||||
| CVE-2025-6927 | 2 Mediawiki, Wikimedia | 2 Mediawiki, Mediawiki | 2026-03-03 | 5.3 Medium |
| Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/specials/pagers/BlockListPager.Php, includes/api/ApiQueryBlocks.Php. This issue affects MediaWiki: from >= 1.42.0 before 1.39.13, 1.42.7 1.43.2, 1.44.0. | ||||
| CVE-2025-6597 | 2 Mediawiki, Wikimedia | 2 Mediawiki, Mediawiki | 2026-03-03 | 0.0 Low |
| Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/auth/AuthManager.Php. This issue affects MediaWiki: from * before 1.39.13, 1.42.7, 1.43.2, 1.44.0. | ||||
| CVE-2025-6589 | 2 Mediawiki, Wikimedia | 2 Mediawiki, Mediawiki | 2026-03-03 | N/A |
| Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/specials/pagers/BlockListPager.Php. This issue affects MediaWiki: >= 1.42.0. | ||||
| CVE-2025-67484 | 2 Mediawiki, Wikimedia | 2 Mediawiki, Mediawiki | 2026-03-03 | 4.7 Medium |
| Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiFormatXml.Php. This issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1. | ||||
| CVE-2025-67480 | 2 Mediawiki, Wikimedia | 2 Mediawiki, Mediawiki | 2026-03-03 | N/A |
| Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiQueryRevisionsBase.Php. This issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1. | ||||
| CVE-2025-61646 | 2 Mediawiki, Wikimedia | 2 Mediawiki, Mediawiki | 2026-03-03 | N/A |
| Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/RecentChanges/EnhancedChangesList.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1. | ||||
| CVE-2025-61641 | 2 Mediawiki, Wikimedia | 2 Mediawiki, Mediawiki | 2026-03-03 | N/A |
| Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/api/ApiQueryAllPages.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1. | ||||
| CVE-2025-67476 | 2 Mediawiki, Wikimedia | 2 Mediawiki, Mediawiki | 2026-03-02 | 4.3 Medium |
| Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Import/ImportableOldRevisionImporter.Php. This issue affects MediaWiki: from * before 1.44.3, 1.45.1. | ||||
| CVE-2025-6591 | 2 Mediawiki, Wikimedia | 2 Mediawiki, Mediawiki | 2026-02-28 | N/A |
| Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/api/ApiFeedContributions.Php. This issue affects MediaWiki: from * before 1.39.13, 1.42.7 1.43.2, 1.44.0. | ||||
| CVE-2026-0668 | 3 Mediawiki, Wikimedia, Wikisphere | 3 Mediawiki, Mediawiki-visualdata Extension, Visualdata | 2026-02-24 | 5.3 Medium |
| Inefficient Regular Expression Complexity vulnerability in Wikimedia Foundation MediaWiki - VisualData Extension allows Regular Expression Exponential Blowup.This issue affects MediaWiki - VisualData Extension: 1.45. | ||||
| CVE-2026-0669 | 3 Css Project, Mediawiki, Wikimedia | 3 Css, Mediawiki, Mediawiki-css Extension | 2026-02-23 | 7.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Wikimedia Foundation MediaWiki - CSS extension allows Path Traversal.This issue affects MediaWiki - CSS extension: 1.44, 1.43, 1.39. | ||||
| CVE-2026-0670 | 3 Mediawiki, Wikimedia, Wikisource | 3 Mediawiki, Mediawiki-proofreadpage Extension, Proofread Page | 2026-02-23 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki - ProofreadPage Extension allows Cross-Site Scripting (XSS).This issue affects MediaWiki - ProofreadPage Extension: 1.45, 1.44, 1.43, 1.39. | ||||
| CVE-2026-22710 | 2 Mediawiki, Wikimedia | 3 Mediawiki, Mediawiki-wikibase Extension, Wikibase | 2026-02-12 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - Wikibase Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - Wikibase Extension: 1.45, 1.44, 1.43, 1.39. | ||||