CVE-2025-61654 UserInfoCard: Do permission checking when getting counts of global and local edits, new articles and thanks

Vulnerability in Wikimedia Foundation Thanks. This vulnerability is associated with program files includes/ThanksQueryHelper.Php. This issue affects Thanks: from before 1.43.4, 1.44.1...

CVE-2025-61654

CVE-2025-61654 is reported as a vulnerability in Wikimedia Foundation Thanks, specifically tied to the file includes/ThanksQueryHelper.Php. Affected software: Thanks prior to version 1.43.4 and 1.44.1. The connected documents describe the issue but do not provide concrete exploit details, affecte...

CVE-2025-61654 UserInfoCard: Do permission checking when getting counts of global and local edits, new articles and thanks

Vulnerability in Wikimedia Foundation Thanks. This vulnerability is associated with program files includes/ThanksQueryHelper.Php. This issue affects Thanks: from before 1.43.4, 1.44.1...

CVE-2025-62661 Do permission checking when getting counts of global and local edits, new articles and thanks

Incorrect Default Permissions vulnerability in The Wikimedia Foundation Mediawiki - Thanks Extension, Mediawiki - Growth Experiments Extension allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Mediawiki - Thanks Extension, Mediawiki - Growth Experiments Extension:...

CVE-2025-62661 Do permission checking when getting counts of global and local edits, new articles and thanks

Incorrect Default Permissions vulnerability in The Wikimedia Foundation Mediawiki - Thanks Extension, Mediawiki - Growth Experiments Extension allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Mediawiki - Thanks Extension, Mediawiki - Growth Experiments Extension:...

CVE-2025-62661

The CVE-2025-62661 issue targets Wikimedia Foundation MediaWiki extensions (Thanks Extension and Growth Experiments Extension). The root cause is incorrect default permissions that allow access to functionality not properly constrained by ACLs. Affected products include the Thanks Extension and G...

CVE-2023-24369

A cross-site scripting XSS vulnerability in UJCMS v4.1.3 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the URL parameter under the Add New Articles function...

CVE-2023-24369

A cross-site scripting XSS vulnerability in UJCMS v4.1.3 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the URL parameter under the Add New Articles function...

CVE-2023-24369

A cross-site scripting XSS vulnerability in UJCMS v4.1.3 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the URL parameter under the Add New Articles function...

SNadd Beta Cross Site Request Forgery

Discovered by : Septemb0x + Script Name : SNadd Beta + Download Script : http://www.phpexplorer.com/goster/1191 + Bug Description : New article can be added Exploit Codes : Baþlýk: Yazý: " name="ekle" + Greetz : BARCOD3 - Bhdr - Phreaker - Nizam-ul Mülk - Türkeþhan - SenqRonize... All Friends...