Vulnerabilidades em Wikimedia Foundation
118 resultadosCVE-2025-53499CRITICALUnauthorized Inspection of Protected Variables in AbuseFilterEPSS 0.3%CVE-2025-23080MEDIUMXSSes in Special:BadgeViewEPSS 0.3%CVE-2025-52738MEDIUMWordPress Wikipedia Preview plugin <= 1.15.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-32696NONE"reupload-own" restriction can be bypassed by reverting fileEPSS 0.3%CVE-2026-34090MEDIUMSuggested investigations: Handle suppressed usernamesEPSS 0.3%CVE-2025-61634NONEHTML rest endpoint needs PoolCounter and proper parser cache checkEPSS 0.3%CVE-2025-61641LOWAPI list=allpages with maxsize is making really slow queriesEPSS 0.3%CVE-2025-67479NONEMagic word replacement in legacy parser allows using reserved data attributes through wikitextEPSS 0.3%CVE-2025-6595NONEImproper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MultimediaEPSS 0.3%CVE-2025-6594NONEXSS in Special:ApiSandboxEPSS 0.3%CVE-2026-34087MEDIUMUsers API leaks whether privileged users have their user groups disabled for lack of 2FAEPSS 0.3%CVE-2025-67476LOWImporting leaks IP address of importer via EventStreamsEPSS 0.3%CVE-2026-5762MEDIUMReportIncident DiscussionTools integration causes slow requestsEPSS 0.3%CVE-2025-61652LOWAction API discussiontoolspageinfo does not check for authorizeRead for the pageEPSS 0.3%CVE-2025-53485HIGHSecurePoll: Unauthorized access to SetTranslationHandler allows arbitrary text changesEPSS 0.3%CVE-2026-0817MEDIUMCampaignEvents API missing authorization exposes meeting and chat URLsEPSS 0.3%CVE-2025-61644NONEi18n XSS through Special:WatchlistEPSS 0.2%CVE-2025-61657NONEImproper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Vector. ThEPSS 0.2%CVE-2025-61650LOWUserInfoCard is vulnerable to message key stored XSSEPSS 0.2%CVE-2026-5266LOWExposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation Echo.
This vulnerability is associated wiEPSS 0.2%