Vulnerability Details CVE-2025-32964
ManageWiki is a MediaWiki extension allowing users to manage wikis. Prior to commit 00bebea, when enabling a conflicting extension, a restricted extension would be automatically disabled even if the user did not hold the ManageWiki-restricted right. This issue has been patched in commit 00bebea. A workaround involves ensuring that any extensions requiring specific permissions in `$wgManageWikiExtensions` also require the same permissions for managing any conflicting extensions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.1%
CVSS Severity
CVSS v3 Score 4.6
References
Products affected by CVE-2025-32964
-
cpe:2.3:a:miraheze:managewiki:-
-
cpe:2.3:a:miraheze:managewiki:2021-04-28
-
cpe:2.3:a:miraheze:managewiki:2024-02-09
-
cpe:2.3:a:miraheze:managewiki:2025-04-20