CVE-2025-53496 – Wikimedia Mediawiki MediaSearch Extension Stored XSS

July 7, 2025

CVE ID : CVE-2025-53496

Published : July 7, 2025, 8:15 p.m. | 2 hours, 29 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Wikimedia Foundation Mediawiki – MediaSearch Extension allows Stored XSS.This issue affects Mediawiki – MediaSearch Extension: from 1.39.X before 1.39.13, from 1.43.X before 1.43.2.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53540 – Arduino-ESP32 CSRF Vulnerability Allows Remote Code Execution (RCE)

Next Article CVE-2025-7140 – SourceCodester Best Salon Management System Cross-Site Scripting Vulnerability

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-53496 – Wikimedia Mediawiki MediaSearch Extension Stored XSS

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

Advanced tracing and evaluation of generative AI agents using LangChain and Amazon SageMaker AI MLFlow

CVE-2025-37789 – OpenvSwitch Netlink Attribute Length Validation Vulnerability

Weekly JavaScript Roundup: Friday Links 21, April 18, 2025

CVE-2025-25207 – Red Hat Connectivity Link Authorino Denial of Service

CVE-2025-2261 – TIBCO ActiveMatrix Administrator Stored Cross-Site Scripting

CuteCom – graphical serial terminal

6 hidden Android features every user should know – and how they make life easier

CISA Warns of Remote Control Flaws in SinoTrack GPS Trackers

CVE-2025-53496 – Wikimedia Mediawiki MediaSearch Extension Stored XSS

Related Posts