CVE-2025-53499

CVE-2025-53499: Unauthorized Inspection of Protected Variables in AbuseFilter

Vendor Wikimedia Foundation

Product Mediawiki - AbuseFilter Extension

Weakness CWE-862 · Missing authorization

Published July 7, 2025

Last update July 8, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Missing Authorization vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Unauthorized Access.This issue affects Mediawiki - AbuseFilter Extension: from 1.43.X before 1.43.2.

Key dates

02Disclosure timeline

July 7, 2025 CVE published

July 8, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-53499 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/862.html

Related vulnerabilities

04Related CVE

CVE-2026-2306 Ninja Tables <= 5.2.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Table Creation CVE-2024-47361 WordPress Elementor Addon Elements plugin <= 1.13.6 - Broken Access Control vulnerability CVE-2024-10664 Knowledge Base documentation & wiki plugin – BasePress Docs <= 2.16.3.3 - Missing Authorization to Authenticated (Subscriber+) Database Update CVE-2025-64358 WordPress Smart Coupons for WooCommerce plugin <= 2.2.3 - Broken Access Control vulnerability CVE-2024-33956 WordPress Custom WooCommerce Checkout Fields Editor plugin <= 1.3.0 - Broken Access Control vulnerability