Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / mediawiki

mediawiki

431 tracked vulnerabilities.

CVE-2023-45363 HIGH

MediaWiki < 1.35.12, 1.36.x-1.39.x < 1.39.5, 1.40.x < 1.40.1 - Denial of Service via Redirect and ConvertTitles Query

CVE-2023-3550 HIGH

Mediawiki v1.40.0 - Privilege Escalation

CVE-2023-36674 MEDIUM

MediaWiki <1.35.11, <1.38.7, <1.39.4, <1.40.1 - Auth Bypass

CVE-2023-37305 MEDIUM

MediaWiki ProofreadPage Extension < 1.39.3 - Hidden User Data Exposure via Public Interfaces

CVE-2023-37304 MEDIUM

MediaWiki < 1.39.3 - Cross-Site Scripting via DoubleWiki Column Alignment Feature

CVE-2023-37303 CRITICAL

MediaWiki < 1.39.3 - Denial of Service via CheckUser Extension Block Attempt

CVE-2023-37302 MEDIUM

MediaWiki < 1.39.3 - Cross-Site Scripting via SiteLinksView Badge Title Attribute

CVE-2023-37301 MEDIUM

MediaWiki < 1.39.3 - AbuseFilter Bypass via SubmitEntityAction

CVE-2023-37300 MEDIUM

MediaWiki < 1.39.3 - Incorrect Authorization in CheckUserLog API

CVE-2023-37256 MEDIUM

MediaWiki Cargo Extension < 1.39.3 - Stored Cross-Site Scripting via javascript: URL

CVE-2023-37255 MEDIUM

MediaWiki < 1.39.3 - Cross-Site Scripting via User-Agent HTTP Header

CVE-2023-37254 MEDIUM

MediaWiki Cargo Extension < 1.39.3 - Cross-Site Scripting via Special:CargoQuery

CVE-2023-37251 MEDIUM

MediaWiki < 1.39.3 - Stored Cross-Site Scripting via GoogleAnalyticsMetrics Extension

CVE-2023-36675 MEDIUM

MediaWiki <1.35.11, <1.36-1.38.7, <1.39.4 - XSS

CVE-2023-29141 CRITICAL

MediaWiki <1.35.10, <1.36, <1.38.6, <1.39.3 - Info Disclosure

CVE-2023-29140 MEDIUM

MediaWiki <1.39.3 - Info Disclosure

CVE-2023-29139 MEDIUM

MediaWiki < 1.39.3 - Denial of Service via CheckUserLog API Request Flood

CVE-2023-29137 MEDIUM

MediaWiki <1.39.3 - Info Disclosure

CVE-2023-22912 MEDIUM

MediaWiki <1.35.9, <1.38.5, <1.39.1 - Info Disclosure

CVE-2023-22910 MEDIUM

MediaWiki < 1.35.9, 1.36.x-1.38.x < 1.38.5, 1.39.x < 1.39.1 - Cross-Site Scripting via Wikibase Date Formatting

CVE-2023-22945 MEDIUM

MediaWiki GrowthExperiments < 1.39.0 - Incorrect Authorization in Mentor List Management

CVE-2023-22911 MEDIUM

MediaWiki < 1.35.9, 1.36.x-1.38.x < 1.38.5, 1.39.x < 1.39.1 - XSS via E-Widgets HTML Attribute

CVE-2023-22909 MEDIUM

MediaWiki < 1.35.9, 1.36.x-1.38.x < 1.38.5, 1.39.x < 1.39.1 - Denial of Service via SpecialMobileHistory

CVE-2022-48614 MEDIUM

Semantic MediaWiki < 4.0.2 - Reflected Cross-Site Scripting via Special:Ask

CVE-2022-41766 MEDIUM

MediaWiki <1.35.8-1.37.5-1.38.3 - Info Disclosure

Previous Page 4 of 18 Next

Products

mediawiki 395 core 29 cargo 9 checkuser 8 abusefilter 3 visual_editor 3 mobilefrontend 2 abuse-filter 1 createredirect 1 data-transfer 1 matomo 1 mediawik 1 mediawiki_botquery_ext 1 rss_for_mediawiki 1 rssreader 1 score 1 scribunto 1 semantic-media-wiki 1 semantic_drilldown 1 shortdescription 1 skin\ 1 wikisource_category_browser 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy