Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / mediawiki

mediawiki

431 tracked vulnerabilities.

CVE-2021-42044 MEDIUM

MediaWiki < 1.36.2 - Stored Cross-Site Scripting in GrowthExperiments Mentor Dashboard Messages

CVE-2021-42043 MEDIUM

MediaWiki < 1.36.2 - Cross-Site Scripting via Special:MediaSearch intitle: Operator

CVE-2021-42042 MEDIUM

MediaWiki < 1.36.2 - Stored Cross-Site Scripting in GrowthExperiments Extension

CVE-2021-42041 MEDIUM

MediaWiki < 1.36.2 - Stored Cross-Site Scripting via CentralAuth Rightsnone Message

CVE-2021-42040 HIGH

MediaWiki < 1.36.2 - Denial of Service via Loops Extension Infinite Loop

CVE-2021-31556 CRITICAL

MediaWiki <1.35.2 - Info Disclosure

CVE-2021-36132 HIGH

MediaWiki < 1.36 - Incorrect Authorization in FileImporter Extension

CVE-2021-36131 MEDIUM

MediaWiki < 1.36 - Authenticated Stored Cross-Site Scripting in SportsTeams Extension

CVE-2021-36130 MEDIUM

MediaWiki < 1.36 - Authenticated Stored Cross-Site Scripting in SocialProfile Gift Data Fields

CVE-2021-36129 MEDIUM

MediaWiki <1.36 - Privilege Escalation

CVE-2021-36128 CRITICAL

MediaWiki < 1.36 - Improper Handling of Exceptional Conditions in CentralAuth Autoblocks

CVE-2021-36127 MEDIUM

MediaWiki < 1.36 - Insecure Storage of Sensitive Information via Special:GlobalUserRights

CVE-2021-36126 CRITICAL

MediaWiki < 1.36 - Denial of Service via AbuseFilter Block Message Fallback

CVE-2021-36125 HIGH

MediaWiki < 1.36 - Denial of Service via Special:GlobalRenameRequest Infinite Loop

CVE-2021-35197 HIGH

MediaWiki < 1.31.15, 1.32.x-1.35.x < 1.35.3, 1.36.x < 1.36.1 - Incorrect Authorization via Purge API

CVE-2021-31555 HIGH

MediaWiki < 1.35.2 - Improper Input Validation in Oauth Extension

CVE-2021-31554 MEDIUM

MediaWiki < 1.35.2 - Incorrect Authorization in AbuseFilter Extension

CVE-2021-31553 MEDIUM

MediaWiki < 1.35.2 - Denial of Service via CheckUser Extension Username Handling

CVE-2021-31552 MEDIUM

MediaWiki < 1.35.2 - Incorrect Authorization in AbuseFilter Account Creation Rules

CVE-2021-31551 MEDIUM

MediaWiki < 1.35.2 - Cross-Site Scripting via PageForms Token Query Parameters

CVE-2021-31550 MEDIUM

MediaWiki CommentBox extension < 1.35.2 - Cross-Site Scripting via Crafted Configuration Variables

CVE-2021-31549 MEDIUM

MediaWiki < 1.35.2 - Exposure of Suppressed Usernames via AbuseFilter Examine Form

CVE-2021-31548 MEDIUM

MediaWiki < 1.35.2 - Incorrect Authorization in AbuseFilter Extension

CVE-2021-31547 MEDIUM

MediaWiki < 1.35.2 - Exposure of Sensitive Information via AbuseFilterCheckMatch API

CVE-2021-31546 MEDIUM

MediaWiki < 1.35.2 - Sensitive Information Disclosure in AbuseFilter Log

Previous Page 7 of 18 Next

Products

mediawiki 395 core 29 cargo 9 checkuser 8 abusefilter 3 visual_editor 3 mobilefrontend 2 abuse-filter 1 createredirect 1 data-transfer 1 matomo 1 mediawik 1 mediawiki_botquery_ext 1 rss_for_mediawiki 1 rssreader 1 score 1 scribunto 1 semantic-media-wiki 1 semantic_drilldown 1 shortdescription 1 skin\ 1 wikisource_category_browser 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy