← Back

Mediawiki

mediawiki

428 CVEs • 18 products

Products (18)

Click to collapse
Toggle
Mediawiki
mediawiki
395 CVEs
Checkuser
checkuser
8 CVEs
Cargo
cargo
7 CVEs
Abusefilter
abusefilter
3 CVEs
Visual Editor
visual_editor
3 CVEs
Mobilefrontend
mobilefrontend
2 CVEs
Mediawiki Botquery Ext
mediawiki_botquery_ext
1 CVE
Mediawik
mediawik
1 CVE
Rssreader
rssreader
1 CVE
Scribunto
scribunto
1 CVE
Skin\
skin\
1 CVE
Shortdescription
shortdescription
1 CVE
Createredirect
createredirect
1 CVE
Rss For Mediawiki
rss_for_mediawiki
1 CVE
Semantic Drilldown
semantic_drilldown
1 CVE
Wikisource Category Browser
wikisource_category_browser
1 CVE
Matomo
matomo
1 CVE
Score
score
1 CVE

CVEs (428)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2026-34095
1Mediawiki
1Mediawiki
May 13, 2026
May 11, 2026
0.0 NONE· v4
6.1 MEDIUM· v3
N/A· v2
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Actions/ActionEntryPoint.Php, includes/Request/FauxResponse.Php. This issue affects MediaWiki: from * bef...Show more
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Actions/ActionEntryPoint.Php, includes/Request/FauxResponse.Php. This issue affects MediaWiki: from * before 1.43.7, 1.44.4, 1.45.2.Show less
CVE-2026-34094
1Mediawiki
1Mediawiki
May 18, 2026
May 11, 2026
2.0 LOW· v4
3.8 LOW· v3
N/A· v2
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Page/Article.Php. This issue affects MediaWiki: from * before 1.43.7, 1.44.4, 1.45.2.
CVE-2026-34093
1Mediawiki
1Mediawiki
May 18, 2026
May 11, 2026
1.1 LOW· v4
5.3 MEDIUM· v3
N/A· v2
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Specials/SpecialUserRights.Php. This issue aff...Show more
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Specials/SpecialUserRights.Php. This issue affects MediaWiki: from * before 1.43.7, 1.44.4, 1.45.2.Show less
CVE-2026-34092
1Mediawiki
1Mediawiki
May 14, 2026
May 11, 2026
2.1 LOW· v4
7.5 HIGH· v3
N/A· v2
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Skin/Skin.Php. This issue affects MediaWiki: f...Show more
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Skin/Skin.Php. This issue affects MediaWiki: from * before 1.43.7, 1.44.4, 1.45.2.Show less
CVE-2026-34091
1Mediawiki
1Mediawiki
May 14, 2026
May 11, 2026
5.5 MEDIUM· v4
7.5 HIGH· v3
N/A· v2
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This issue affects MediaWiki: from * before 1.43.7, 1.44.4, 1.45.2.
CVE-2026-34090
1Mediawiki
1Checkuser
May 14, 2026
May 11, 2026
4.8 MEDIUM· v4
7.5 HIGH· v3
N/A· v2
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation CheckUser. This issue affects CheckUser: from 1.45.0 before 1.45.2.
CVE-2026-34088
1Mediawiki
1Mediawiki
May 14, 2026
May 11, 2026
1.3 LOW· v4
7.5 HIGH· v3
N/A· v2
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This issue affects MediaWiki: from * before 1.43.7, 1.44.4, 1.45.2.
CVE-2026-34087
1Mediawiki
1Mediawiki
May 14, 2026
May 11, 2026
5.1 MEDIUM· v4
7.5 HIGH· v3
N/A· v2
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation OATHAuth. This issue affects OATHAuth: from * before 1.43.7, 1.44.4, 1.45.2.
CVE-2026-39841
1Mediawiki
1Cargo
Apr 15, 2026
Apr 7, 2026
6.3 MEDIUM· v4
6.1 MEDIUM· v3
N/A· v2
Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8...Show more
Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7.Show less
CVE-2026-39840
1Mediawiki
1Cargo
Apr 15, 2026
Apr 7, 2026
5.1 MEDIUM· v4
6.1 MEDIUM· v3
N/A· v2
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows XSS Targeting Non-Script Elements.This issue affects Mediawiki...Show more
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows XSS Targeting Non-Script Elements.This issue affects Mediawiki - Cargo Extension: before 3.8.7.Show less
CVE-2026-39839
1Mediawiki
1Cargo
Apr 15, 2026
Apr 7, 2026
6.3 MEDIUM· v4
6.1 MEDIUM· v3
N/A· v2
Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8...Show more
Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7.Show less
CVE-2026-39837
1Mediawiki
1Cargo
Apr 15, 2026
Apr 7, 2026
6.3 MEDIUM· v4
5.4 MEDIUM· v3
N/A· v2
Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in WikiWorks Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7.
CVE-2025-67484
1Mediawiki
1Mediawiki
Apr 14, 2026
Feb 3, 2026
0.0 NONE· v4
9.8 CRITICAL· v3
N/A· v2
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiFormatXml.Php. This issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1.
CVE-2025-67483
1Mediawiki
1Mediawiki
Apr 9, 2026
Feb 3, 2026
0.0 NONE· v4
6.1 MEDIUM· v3
N/A· v2
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Pag...Show more
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Page.Preview.Js. This issue affects MediaWiki: from * before 1.43.6, 1.44.3, 1.45.1.Show less
CVE-2025-67481
1Mediawiki
1Mediawiki
Apr 9, 2026
Feb 3, 2026
0.0 NONE· v4
6.1 MEDIUM· v3
N/A· v2
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Jqu...Show more
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.JqueryMsg/mediawiki.JqueryMsg.Js. This issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1.Show less
CVE-2025-67480
1Mediawiki
1Mediawiki
Apr 14, 2026
Feb 3, 2026
0.0 NONE· v4
6.5 MEDIUM· v3
N/A· v2
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiQueryRevisionsBase.Php. This issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1.
CVE-2025-67478
1Mediawiki
1Checkuser
Apr 14, 2026
Feb 3, 2026
0.0 NONE· v4
8.8 HIGH· v3
N/A· v2
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php. This issue affects CheckUser: from * before 1.39.14, 1.43.4, 1.44.1.
CVE-2025-67477
1Mediawiki
1Mediawiki
Apr 9, 2026
Feb 3, 2026
0.0 NONE· v4
6.1 MEDIUM· v3
N/A· v2
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Spe...Show more
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Apisandbox/ApiSandboxLayout.Js. This issue affects MediaWiki: from * before 1.44.3, 1.45.1.Show less
CVE-2025-67476
1Mediawiki
1Mediawiki
Apr 14, 2026
Feb 3, 2026
1.3 LOW· v4
4.3 MEDIUM· v3
N/A· v2
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Import/ImportableOldRevisionImporter.Php. This issue affects MediaWiki: from * before 1.44.3, 1.45.1.
CVE-2025-67475
1Mediawiki
1Mediawiki
Apr 9, 2026
Feb 3, 2026
0.0 NONE· v4
6.1 MEDIUM· v3
N/A· v2
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/CommentFormatter/C...Show more
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/CommentFormatter/CommentParser.Php. This issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1.Show less