cvedb.io
CVE-2025-32964
MEDIUM · CVSS 4.6
EPSS exploitation probability: 0%
Published 2025-04-22T18:16:00.847 · Last modified 2026-06-17T09:12:52.500

Summary

ManageWiki is a MediaWiki extension allowing users to manage wikis. Prior to commit 00bebea, when enabling a conflicting extension, a restricted extension would be automatically disabled even if the user did not hold the ManageWiki-restricted right. This issue has been patched in commit 00bebea. A workaround involves ensuring that any extensions requiring specific permissions in `$wgManageWikiExtensions` also require the same permissions for managing any conflicting extensions.

Affected products

miraheze — managewiki

Does this affect you?

Add your gear to cvedb and we'll alert you only when miraheze ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.