| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-53486 | WikiCategoryTagCloud: Reflected Cross-Site Scripting (XSS) via linkstyle attribute in parser function | Wikimedia Foundation | Mediawiki - WikiCategoryTagCloud extension | - | - | 2025-07-07 15:07:45 | Deep Dive |
| CVE-2025-7056 | Stored XSS in UrlShortener | Wikimedia Foundation | Mediawiki - UrlShortener Extension | - | - | 2025-07-07 13:57:26 | Deep Dive |
| CVE-2025-53485 | SecurePoll: Unauthorized access to SetTranslationHandler allows arbitrary text changes | Wikimedia Foundation | Mediawiki - SecurePoll extension | 中危 | - | 2025-07-04 17:39:36 | Deep Dive |
| CVE-2025-53484 | SecurePoll: Multiple locations vulnerable to Cross-Site Scripting (XSS) via unescaped input | Wikimedia Foundation | Mediawiki - SecurePoll extension | 中危 | - | 2025-07-04 17:34:24 | Deep Dive |
| CVE-2025-53483 | SecurePoll: Multiple admin actions vulnerable to Cross-Site Request Forgery | Wikimedia Foundation | Mediawiki - SecurePoll extension | 高危 | - | 2025-07-04 17:28:40 | Deep Dive |
| CVE-2025-53482 | IPInfo: Message key XSS through several IPInfo messages in infobox and popup | Wikimedia Foundation | Mediawiki - IPInfo Extension | 中危 | - | 2025-07-04 16:01:46 | Deep Dive |
| CVE-2025-53481 | Denial of service vector on ipinfo/v0/norevision | Wikimedia Foundation | Mediawiki - IPInfo Extension | 中危 | - | 2025-07-04 15:47:46 | Deep Dive |
| CVE-2025-53369 | Citizen Short Description stored XSS vulnerability through wikitext | StarCitizenTools | mediawiki-extensions-ShortDescription | High | 8.6 | 2025-07-03 19:57:55 | Deep Dive |
| CVE-2025-53370 | Citizen stored XSS vulnerability through short descriptions | StarCitizenTools | mediawiki-skins-Citizen | High | 8.6 | 2025-07-03 19:45:32 | Deep Dive |
| CVE-2025-53368 | Citizen is vulnerable to stored XSS attack in the legacy search bar | StarCitizenTools | mediawiki-skins-Citizen | High | 8.6 | 2025-07-03 19:34:50 | Deep Dive |
| CVE-2025-6926 | Security Authentication Bypass in CentralAuth | Wikimedia Foundation | Mediawiki - CentralAuth Extension | - | - | 2025-07-03 16:23:57 | Deep Dive |
| CVE-2025-53500 | Stored XSS in MassEditRegex | Wikimedia Foundation | Mediawiki - MassEditRegex Extension | - | - | 2025-07-03 16:17:38 | Deep Dive |
| CVE-2025-53501 | Content Access Bypass in Scribunto | Wikimedia Foundation | Mediawiki - Scribunto Extension | - | - | 2025-07-03 16:15:53 | Deep Dive |
| CVE-2025-53502 | HTML injection in FeaturedFeeds | Wikimedia Foundation | Mediawiki - FeaturedFeeds Extension | - | - | 2025-07-03 16:11:07 | Deep Dive |
| CVE-2025-53489 | XSS in GoogleDocs4MW | Wikimedia Foundation | Mediawiki - GoogleDocs4MW Extension | - | - | 2025-07-03 16:06:46 | Deep Dive |
| CVE-2025-53490 | Multiple XSS in CampaignEvents | Wikimedia Foundation | Mediawiki - CampaignEvents Extension | - | - | 2025-07-03 16:04:05 | Deep Dive |
| CVE-2025-53492 | Stored XSS in MintyDocs | Wikimedia Foundation | Mediawiki - MintyDocs Extension | - | - | 2025-07-02 14:41:52 | Deep Dive |
| CVE-2025-53493 | Stored XSS in MintyDocs | Wikimedia Foundation | Mediawiki - MintyDocs Extension | - | - | 2025-07-02 14:38:07 | Deep Dive |
| CVE-2025-53494 | Stored XSS in TwoColConflict | Wikimedia Foundation | Mediawiki - TwoColConflict Extension | - | - | 2025-07-02 14:24:54 | Deep Dive |
| CVE-2025-53093 | TabberNeue vulnerable to Stored XSS through wikitext | StarCitizenTools | mediawiki-extensions-TabberNeue | High | 8.6 | 2025-06-27 17:43:24 | Deep Dive |