CVE-2025-53498 Lack of Audit Logging in AbuseFilter

Insufficient Logging vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Data Leakage Attacks.This issue affects Mediawiki - AbuseFilter Extension: from 1.43.X before 1.43.2...

CVE-2025-53499

The CVE-2025-53499 issue affects the Wikimedia Foundation MediaWiki AbuseFilter Extension (versions 1.43.x prior to 1.43.2). The root cause is a Missing Authorization flaw in the AbuseFilter API (abusefiltercheckmatch), allowing unauthorized access to protected variables. Documented impact is hig...

CVE-2025-53495

CVE-2025-53495 — Missing Authorization vulnerability in the Wikimedia Foundation MediaWiki AbuseFilter Extension. The issue allows unauthorized access to sensitive information (IP reputation data) via AbuseFilter without proper authorization. Affected component: mediawiki/abuse-filter extension p...

CVE-2025-53495 Unauthorized Disclosure of IP Reputation in AbuseFilter

Missing Authorization vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Unauthorized Access.This issue affects Mediawiki - AbuseFilter Extension: from 1.43.X before 1.43.2...

CVE-2025-53491

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Mediawiki - FlaggedRevs Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - FlaggedRevs Extension: from 1.43.X before 1.43.2...

CVE-2025-53497

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Mediawiki - RelatedArticles Extension allows Stored XSS.This issue affects Mediawiki - RelatedArticles Extension: from 1.43.X before 1.43.2...

CVE-2025-53497 Stored XSS in RelatedArticles

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Mediawiki - RelatedArticles Extension allows Stored XSS.This issue affects Mediawiki - RelatedArticles Extension: from 1.43.X before 1.43.2...

CVE-2025-53497 Stored XSS in RelatedArticles

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Mediawiki - RelatedArticles Extension allows Stored XSS.This issue affects Mediawiki - RelatedArticles Extension: from 1.43.X before 1.43.2...

CVE-2025-53497

CVE-2025-53497 is a Stored XSS in the Wikimedia Foundation MediaWiki RelatedArticles Extension. The issue affects versions 1.43.X prior to 1.43.2 and arises from improper neutralization of input during web page generation. The documented impact is stored cross-site scripting. Remediation, where p...

CVE-2025-53491 XSS in FlaggedRevs

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Mediawiki - FlaggedRevs Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - FlaggedRevs Extension: from 1.43.X before 1.43.2...

CVE-2025-53491

CVE-2025-53491 is an XSS vulnerability in the Wikimedia Foundation MediaWiki – FlaggedRevs extension, due to improper input neutralization during web page generation. Affected: FlaggedRevs extension versions 1.43.X before 1.43.2 (up to 1.43.1). Impact: Cross‑Site Scripting with low integrity/priv...

CVE-2025-7057

CVE-2025-7057 corresponds to a stored XSS vulnerability in the Wikimedia Foundation MediaWiki Quiz Extension. According to connected PT-Security data, this affects Quiz Extension versions 1.39.X through 1.39.12, 1.42.X through 1.42.6, and 1.43.X through 1.43.1. The root cause is improper neutrali...

CVE-2025-7057 Stored XSS in Quiz

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Mediawiki - Quiz Extension allows Stored XSS.This issue affects Mediawiki - Quiz Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before...

CVE-2025-7056

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Mediawiki - UrlShortener Extension allows Stored XSS.This issue affects Mediawiki - UrlShortener Extension: from 1.42.X before 1.42.7, from 1.43.X before 1.43.2...

CVE-2025-7056 Stored XSS in UrlShortener

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Mediawiki - UrlShortener Extension allows Stored XSS.This issue affects Mediawiki - UrlShortener Extension: from 1.42.X before 1.42.7, from 1.43.X before 1.43.2...

CVE-2025-7056 Stored XSS in UrlShortener

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Mediawiki - UrlShortener Extension allows Stored XSS.This issue affects Mediawiki - UrlShortener Extension: from 1.42.X before 1.42.7, from 1.43.X before 1.43.2...

CVE-2025-7056

Summary (CVE-2025-7056) : A stored cross-site scripting (XSS) vulnerability exists in the Wikimedia Foundation MediaWiki UrlShortener extension. The flaw stems from improper neutralization of input during web page generation, allowing stored XSS. Affected versions are MediaWiki UrlShortener Exten...

Wikimedia Mediawiki - AbuseFilter Extension 安全漏洞

Wikimedia Mediawiki - AbuseFilter Extension is an abuse filter from the Wikimedia Foundation. A security vulnerability exists in Wikimedia Mediawiki - AbuseFilter Extension versions prior to 1.39.13, prior to 1.42.7, and prior to 1.43.2, which stems from insufficient logging and could lead to a...

Wikimedia Mediawiki - RelatedArticles Extension 安全漏洞

Wikimedia Mediawiki - RelatedArticles Extension is a Wikimedia Foundation extension for recommending related pages. A security vulnerability exists in Wikimedia Mediawiki - RelatedArticles Extension versions prior to 1.43.2, which stems from improper input neutralization and could lead to a store...

Wikimedia Mediawiki - Quiz Extension 安全漏洞

Wikimedia Mediawiki - Quiz Extension is a quiz tool extension from the Wikimedia Foundation. A security vulnerability exists in Wikimedia Mediawiki - Quiz Extension versions prior to 1.39.13, prior to 1.42.7, and prior to 1.43.2, which stems from improper input neutralization and could lead to...