CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2025/07/05 5:19 p.m.•6 views

CVE-2025-6926

Improper Authentication vulnerability in Wikimedia Foundation Mediawiki - CentralAuth Extension allows : Bypass Authentication.This issue affects Mediawiki - CentralAuth Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2...

8.8CVSS6.3AI score0.00378EPSS

RedhatCVE•added 2025/07/05 4:20 p.m.•8 views

CVE-2025-53502

Improper Input Validation vulnerability in Wikimedia Foundation Mediawiki - FeaturedFeeds Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - FeaturedFeeds Extension: 1.39.X, 1.42.X, 1.43.X...

6.5CVSS6.1AI score0.00206EPSS

RedhatCVE•added 2025/07/05 4:20 p.m.•8 views

CVE-2025-53501

Improper Access Control vulnerability in Wikimedia Foundation Mediawiki - Scribunto Extension allows : Accessing Functionality Not Properly Constrained by Authorization.This issue affects Mediawiki - Scribunto Extension: from 1.39.X before 1.39.12, from 1.42.X before 1.42.7, from 1.43.X before...

8.8CVSS6.5AI score0.00309EPSS

RedhatCVE•added 2025/07/05 4:20 p.m.•6 views

CVE-2025-53489

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Mediawiki - GoogleDocs4MW Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - GoogleDocs4MW Extension: from 1.42.X before 1.42.7, from 1.43.X before...

5.6CVSS6.1AI score0.00219EPSS

RedhatCVE•added 2025/07/05 4:20 p.m.•10 views

CVE-2025-53500

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Mediawiki - MassEditRegex Extension allows Stored XSS.This issue affects Mediawiki - MassEditRegex Extension: from 1.39.X before 1.39.12, from 1.42.X before 1.42.7, from...

5.6CVSS6.3AI score0.00242EPSS

NVD•added 2025/07/04 4:15 p.m.•7 views

CVE-2025-53481

Uncontrolled Resource Consumption vulnerability in Wikimedia Foundation Mediawiki - IPInfo Extension allows Excessive Allocation.This issue affects Mediawiki - IPInfo Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2...

7.5CVSS0.00407EPSS

Cvelist•added 2025/07/04 4:1 p.m.•8 views

CVE-2025-53482 IPInfo: Message key XSS through several IPInfo messages in infobox and popup

0.0019EPSS

Exploits0References2

Vulnrichment•added 2025/07/04 4:1 p.m.•3 views

CVE-2025-53482 IPInfo: Message key XSS through several IPInfo messages in infobox and popup

6.6AI score0.0019EPSS

Exploits0References2

CVE•added 2025/07/04 4:1 p.m.•18 views

CVE-2025-53482

The CVE-2025-53482 entry describes an XSS vulnerability in the Wikimedia Foundation MediaWiki IPInfo Extension due to improper input neutralization during web page generation. Affected versions are MediaWiki IPInfo Extension 1.39.x before 1.39.13, 1.42.x before 1.42.7, and 1.43.x before 1.43.2. T...

6.1CVSS6.2AI score0.0019EPSS

Exploits0References2

Cvelist•added 2025/07/04 3:47 p.m.•6 views

CVE-2025-53481 Denial of service vector on ipinfo/v0/norevision

0.00407EPSS

Vulnrichment•added 2025/07/04 3:47 p.m.•2 views

CVE-2025-53481 Denial of service vector on ipinfo/v0/norevision

7.2AI score0.00407EPSS

CVE•added 2025/07/04 3:47 p.m.•20 views

CVE-2025-53481

CVE-2025-53481 affects the Wikimedia Foundation Mediawiki IPInfo Extension. The issue is an Uncontrolled Resource Consumption vulnerability causing potential resource exhaustion via excessive allocation. Affected versions are: IPInfo Extension 1.39.X before 1.39.13, 1.42.X before 1.42.7, and 1.43...

7.5CVSS6.6AI score0.00407EPSS

RedhatCVE•added 2025/07/04 3:24 p.m.•6 views

CVE-2025-53494

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Mediawiki - TwoColConflict Extension allows Stored XSS.This issue affects Mediawiki - TwoColConflict Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, fr...

6.5CVSS6.3AI score0.0023EPSS

RedhatCVE•added 2025/07/04 3:24 p.m.•6 views

CVE-2025-53493

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Mediawiki - MintyDocs Extension allows Stored XSS.This issue affects Mediawiki - MintyDocs Extension: from 1.43.X before 1.43.2...

6.5CVSS6.3AI score0.0023EPSS

RedhatCVE•added 2025/07/04 3:24 p.m.•9 views

CVE-2025-53492

3.7CVSS6.3AI score0.00239EPSS

CNNVD•added 2025/07/04 12:0 a.m.•3 views

Wikimedia Mediawiki - IPInfo Extension 安全漏洞

Wikimedia Mediawiki - IPInfo Extension is an extension from the Wikimedia Foundation for displaying IP information. A security vulnerability exists in Wikimedia Mediawiki - IPInfo Extension versions prior to 1.39.13, prior to 1.42.7, and prior to 1.43.2, which stems from uncontrolled consumption ...

7.5CVSS6.6AI score0.00407EPSS

Exploits0References4

CNNVD•added 2025/07/04 12:0 a.m.•4 views

Wikimedia Mediawiki - IPInfo Extension 安全漏洞

6.1CVSS6AI score0.0019EPSS

NVD•added 2025/07/03 5:15 p.m.•8 views

CVE-2025-6926

8.8CVSS0.00378EPSS