CVE-2026-3178

The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'namedirectoryname' parameter in all versions up to, and including, 1.32.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

Linux Distros Unpatched Vulnerability : CVE-2019-12468

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.27.0 through 1.32.1. Directly POSTing to Special:ChangeEmail would allow for...

DEBIAN-CVE-2019-12472

An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.18.0 through 1.32.1. It is possible to bypass the limits on IP range blocks $wgBlockCIDRLimit by using the API. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6...

MediaWiki Cross-Site Request Forgery Vulnerability (CNVD-2019-36873)

MediaWiki is a set of free and freely available web-based Wiki engines from the MediaWiki Wikimedia Foundation in the United States. It can be used to deploy in-house knowledge management and content management systems. A cross-site request forgery vulnerability exists in MediaWiki 1.32.1 and pri...

MediaWiki cross-site scripting vulnerability (CNVD-2019-36870)

MediaWiki is a set of free and freely available web-based Wiki engines from the MediaWiki Wikimedia Foundation in the United States. It can be used to deploy in-house knowledge management and content management systems. A cross-site scripting vulnerability exists in MediaWiki versions 1.30.0...