Description
The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is blocked after submitting a replace job, the job is still run, even if it may be run at a later time (due to the job queue backlog)
Remediation
References
Related Vulnerabilities
WordPress Plugin FormCraft-Premium WordPress Form Builder Cross-Site Scripting (3.2.31)
WordPress Plugin Feed Them Social-for Twitter feed, Youtube and more PHAR Deserialization (2.9.8.5)
Oracle Database Server CVE-2009-3411 Vulnerability (CVE-2009-3411)
WordPress Plugin Search Everything SQL Injection (7.0.2)
WordPress Plugin Premium Addons for Elementor Security Bypass (4.5.1)