Description An issue was discovered in the MediaWikiChat extension for MediaWiki through 1.42.1. CSRF can occur in API modules. Remediation References CVE-2024-40601 Related Vulnerabilities WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Cross-Site Scripting (3.0.17) WordPress Plugin LifterLMS-WP LMS for eLearning, Online Courses, & Quizzes Multiple Cross-Site Scripting Vulnerabilities (4.21.0) WordPress Plugin PureHTML 'alter.php' SQL Injection (1.0.0) Undertow Insertion of Sensitive Information into Log File Vulnerability (CVE-2019-10212) WordPress Plugin MC4WP:Mailchimp for WordPress Cross-Site Scripting (2.2.7) Severity Medium Classification CVE-2024-40601 CWE-352 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Tags Missing Update Known Vulnerabilities