Description
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. Its AbuseFilterCheckMatch API reveals suppressed edits and usernames to unprivileged users through the iteration of crafted AbuseFilter rules.
Remediation
References
Related Vulnerabilities
WordPress Plugin Embed Articles Multiple Vulnerabilities (7.0.3)
WordPress Plugin demon image annotation Cross-Site Request Forgery (4.7)
WordPress Plugin YITH Advanced Refund System for WooCommerce Security Bypass (1.0.10)
Oracle Database Server Other Vulnerability (CVE-2007-1442)
WordPress Plugin Ninja Forms with File Uploads Extension Arbitrary File Upload (3.3.0)