CVE Alert: CVE-2025-32964
Vulnerability Summary: CVE-2025-32964
ManageWiki is a MediaWiki extension allowing users to manage wikis. Prior to commit 00bebea, when enabling a conflicting extension, a restricted extension would be automatically disabled even if the user did not hold the ManageWiki-restricted right. This issue has been patched in commit 00bebea. A workaround involves ensuring that any extensions requiring specific permissions in `$wgManageWikiExtensions` also require the same permissions for managing any conflicting extensions.
Affected Endpoints:
No affected endpoints listed.
Published Date:
4/22/2025, 6:16:00 PM
⚠️ CVSS Score:
Exploit Status:
Not ExploitedReferences:
- https://github.com/miraheze/ManageWiki/commit/00bebea43a3e3ff0157b5f04df17c1d1e88a9acd
- https://github.com/miraheze/ManageWiki/security/advisories/GHSA-ccrf-x5rp-gppr
Recommended Action:
No proposed action available. Please refer to vendor documentation for updates.
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
