Shodan
Vulnerabilities
Vulnerable Software
Mediawiki:  >> Mediawiki  >> 1.4.4  Security Vulnerabilities
CVE-2025-61640
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Rcfilters/ui/RclToOrFromWidget.Js. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.
CVSS Score
4.8
EPSS Score
0.0
Published
2026-02-03
CVE-2025-61634
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Rest/Handler/PageHTMLHandler.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.
CVSS Score
3.1
EPSS Score
0.0
Published
2026-02-03
CVE-2024-47913
An issue was discovered in the AbuseFilter extension for MediaWiki before 1.39.9, 1.40.x and 1.41.x before 1.41.3, and 1.42.x before 1.42.2. An API caller can match a filter condition against AbuseFilter logs even if the caller is not authorized to view the log details for the filter.
CVSS Score
5.3
EPSS Score
0.007
Published
2024-10-04
CVE-2024-40596
An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The Special:Investigate feature can expose suppressed information for log events. (TimelineService does not support properly suppressing.)
CVSS Score
4.3
EPSS Score
0.001
Published
2024-07-07
CVE-2024-40597
An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. It can expose suppressed information for log events. (The log_deleted attribute is not respected.)
CVSS Score
7.5
EPSS Score
0.004
Published
2024-07-07
CVE-2024-40598
An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The API can expose suppressed information for log events. (The log_deleted attribute is not applied to entries.)
CVSS Score
4.3
EPSS Score
0.001
Published
2024-07-07
CVE-2024-40599
An issue was discovered in the GuMaxDD skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries.
CVSS Score
4.8
EPSS Score
0.001
Published
2024-07-07
CVE-2024-40600
An issue was discovered in the Metrolook skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries.
CVSS Score
4.8
EPSS Score
0.001
Published
2024-07-07
CVE-2024-40601
An issue was discovered in the MediaWikiChat extension for MediaWiki through 1.42.1. CSRF can occur in API modules.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-07-07
CVE-2024-40602
An issue was discovered in the Tempo skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries.
CVSS Score
4.8
EPSS Score
0.001
Published
2024-07-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved