Description
MediaWiki through 1.32.1 has Incorrect Access Control (issue 1 of 3). A spammer can use Special:ChangeEmail to send out spam with no rate limiting or ability to block them. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.
Remediation
References
Related Vulnerabilities
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-3732)
WordPress Plugin GTM4WP Cross-Site Scripting (1.15.1)
Joomla! Core 2.5.x Information Disclosure (2.5.0 - 2.5.3)
WordPress Plugin 10Web Map Builder for Google Maps Security Bypass (1.0.63)
WordPress Plugin Captain Slider Cross-Site Scripting (1.0.6)