MediaWiki Extension Vulnerability Affecting ManageWiki by Miraheze

CVE-2025-32964

What is CVE-2025-32964?

The ManageWiki extension for MediaWiki has a vulnerability that allows conflicting extensions to be automatically disabled, potentially exposing users to permission issues. When a restricted extension is enabled, it inadvertently disables other extensions without requiring the appropriate user rights. This flaw can be mitigated by ensuring that any extensions relying on specific permissions in $wgManageWikiExtensions also necessitate those permissions for managing conflicting extensions. The issue has been addressed in commit 00bebea.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References