Description
An issue was discovered in MediaWiki before 1.31.13 and 1.32.x through 1.35.x before 1.35.2. When using the MediaWiki API to "protect" a page, a user is currently able to protect to a higher level than they currently have permissions for.
Remediation
References
Related Vulnerabilities
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.38)
WordPress Plugin All 404 Redirect to Homepage Cross-Site Scripting (1.21)
MySQL CVE-2018-2640 Vulnerability (CVE-2018-2640)
SharePoint CVE-2024-38227 Vulnerability (CVE-2024-38227)
WordPress Plugin Facebook Like Box Cross-Site Request Forgery (2.8.2)