Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-53625

The DynamicPageList3 extension is a reporting tool for MediaWiki, listing category members and intersections with various formats and details. Several #dpl parameters can leak usernames that have been hidden using revision deletion, suppression, or the hideuser block flag. The vulnerability is fixed in 3.6.4.

Published

2025-07-10T19:15:26.883

Last Modified

2025-07-15T13:14:49.980

Status

Awaiting Analysis

Source

[email protected]

Severity

Weaknesses

Type: Primary
CWE-359

Affected Vendors & Products

References

https://github.com/Universal-Omega/DynamicPageList3/commit/a3dae0c89fb4214390c29ceffa23bbe2099986d6 ([email protected])
https://github.com/Universal-Omega/DynamicPageList3/security/advisories/GHSA-7pgw-q3qp-6pgq ([email protected])
https://github.com/Universal-Omega/DynamicPageList3/security/advisories/GHSA-7pgw-q3qp-6pgq (134c704f-9b21-4f2e-91b3-4a467353bcc0)