miraheze Summary

Latest vulnerabilities published by miraheze

10 July 2025

24 April 2025

22 April 2025

21 April 2025

9 October 2024

7 October 2024

2 October 2024

14 May 2024

28 March 2024

26 March 2024

9 February 2024

8 February 2024

4 April 2022

1 September 2021

20 July 2021

28 June 2021

28 April 2021

miraheze Summary

Vulnerability Published:

Sort By:

10 July 2025

Remote Code Execution and Denial of Service Vulnerabilities in MediaWiki Extension by Miraheze

24 April 2025

Reflected and Stored XSS Vulnerability in ManageWiki by MediaWiki

22 April 2025

MediaWiki Extension Vulnerability Affecting ManageWiki by Miraheze

21 April 2025

SQL Injection Vulnerability in ManageWiki MediaWiki Extension

9 October 2024

Vulnerability in ImportDump MediaWiki Extension Allows User Impersonation

7 October 2024

Arbitrary HTML injection vulnerability in Special:RequestWikiQueue

XSS Vulnerability in WikiDiscover Could Allow Attackers to Execute Malicious Code

2 October 2024

Cross-Site Scripting Vulnerability in DataDump MediaWiki Extension

14 May 2024

CreateWiki vulnerable to impersonation of wiki requester

28 March 2024

Suppressed Wiki Requests May Have Been Exposed to Private Wikis Due to Oversight

Suppressed Wiki Requests Vulnerability in Miraheze's MediaWiki Extension

26 March 2024

Suppression of wiki requests not working as intended, exposing sensitive information

9 February 2024

Cross Site Scripting Vulnerability in ManageWiki

8 February 2024

XSS Vulnerability in WikiDiscover Due to Unescaped Interface Messages

4 April 2022

Authentication Bypass Using an Alternate Path or Channel in CreateWiki

1 September 2021

Improper Input Validation in GlobalNewFiles

20 July 2021

Cross-Site Request Forgery (CSRF) in DataDump

28 June 2021

Uncontrolled Resource Consumption in GlobalNewFiles

28 April 2021

wikiconfig API leaked private config variables set through ManageWiki