Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / mediawiki

mediawiki

431 tracked vulnerabilities.

CVE-2021-30153 MEDIUM

MediaWiki <1.35.2 - Info Disclosure

CVE-2021-44856 MEDIUM

MediaWiki < 1.35.5, 1.36.x < 1.36.3, 1.37.x < 1.37.1 - AbuseFilter Bypass via Special:ChangeContentModel

CVE-2021-44855 MEDIUM

MediaWiki < 1.35.5, 1.36.x < 1.36.3, 1.37.x < 1.37.1 - Stored Cross-Site Scripting via Upload Image URL

CVE-2021-44854 MEDIUM

MediaWiki <1.35.5-1.37.1 - Info Disclosure

CVE-2021-42049 MEDIUM

MediaWiki <1.36.2 - Info Disclosure

CVE-2021-42048 MEDIUM

MediaWiki < 1.36.2 - Stored Cross-Site Scripting via Growth Extension Newcomer Home Page Footer

CVE-2021-42047 MEDIUM

MediaWiki < 1.36.2 - Stored Cross-Site Scripting via Mentor Dashboard Mentee Overview

CVE-2021-42046 MEDIUM

MediaWiki < 1.36.2 - Cross-Site Scripting in GlobalWatchlist Extension Messages

CVE-2021-42045 MEDIUM

MediaWiki < 1.36.2 - Cross-Site Scripting via SecurePoll User-Agent Header

CVE-2021-46150 MEDIUM

MediaWiki < 1.35.5, 1.36.x < 1.36.3, 1.37.x < 1.37.1 - Cross-Site Scripting via Special:CheckUserLog Date Handling

CVE-2021-46149 HIGH

MediaWiki < 1.35.5, 1.36.x < 1.36.3, 1.37.x < 1.37.1 - Denial of Service via Language Name Search

CVE-2021-46148 MEDIUM

MediaWiki <1.35.5-1.37.1 - Info Disclosure

CVE-2021-46147 HIGH

MediaWiki < 1.35.5, 1.36.x < 1.36.3, 1.37.x < 1.37.1 - Cross-Site Request Forgery

CVE-2021-46146 MEDIUM

MediaWiki < 1.35.5, 1.36.x < 1.36.3, 1.37.x < 1.37.1 - Cross-Site Scripting in WikibaseMediaInfo Caption Fields

CVE-2021-45474 MEDIUM

MediaWiki < 1.37 - Cross-Site Scripting via Special:ImportFile clientUrl Parameter

CVE-2021-45473 MEDIUM

MediaWiki <= 1.37 - Stored Cross-Site Scripting via Wikibase Item Descriptions

CVE-2021-45472 MEDIUM

MediaWiki <= 1.37 - Cross-Site Scripting via Wikibase External Identifier URL Format

CVE-2021-45471 MEDIUM

MediaWiki <= 1.37 - Authenticated Bypass of IP Block via EntitySchema Edit

CVE-2021-44858 HIGH

MediaWiki < 1.35.5, 1.36.x < 1.36.3, 1.37.x < 1.37.1 - Unauthenticated Private Page Access via Undo and Restore Actions

CVE-2021-45038 MEDIUM

MediaWiki < 1.35.5, 1.36.x < 1.36.3, 1.37.x < 1.37.1 - Private Wiki Contents Exposure via Rollback

CVE-2021-44857 MEDIUM

MediaWiki < 1.35.5, 1.36.x < 1.36.3, 1.37.x < 1.37.1 - Arbitrary Page Content Replacement via mcrrestore

CVE-2021-41801 HIGH

MediaWiki ReplaceText extension through 1.41 - Incorrect Access Control

CVE-2021-41800 MEDIUM

MediaWiki < 1.36.2 - Denial of Service via Special:Contributions PoolCounter Mishandling

CVE-2021-41799 HIGH

MediaWiki < 1.36.2 - Denial of Service via ApiQueryBacklinks

CVE-2021-41798 MEDIUM

MediaWiki < 1.36.2 - Cross-Site Scripting via Month-Related Messages on Special:Search

Previous Page 6 of 18 Next

Products

mediawiki 395 core 29 cargo 9 checkuser 8 abusefilter 3 visual_editor 3 mobilefrontend 2 abuse-filter 1 createredirect 1 data-transfer 1 matomo 1 mediawik 1 mediawiki_botquery_ext 1 rss_for_mediawiki 1 rssreader 1 score 1 scribunto 1 semantic-media-wiki 1 semantic_drilldown 1 shortdescription 1 skin\ 1 wikisource_category_browser 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy