VYPR

Visual Editor

by MediaWiki

CVEs (4)

  • CVE-2025-61656MedFeb 3, 2026
    risk 0.40cvss 6.1epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files src/ce/ve.Ce.ClipboardHandler.Js. This issue affects VisualEditor: from * before…

  • CVE-2025-61655MedFeb 3, 2026
    risk 0.40cvss 6.1epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files includes/ApiVisualEditorEdit.Php, modules/ve-mw/init/targets/ve.Init.Mw.DesktopArtic…

  • CVE-2021-30153Apr 15, 2023
    risk 0.00cvss epss 0.01

    An issue was discovered in the VisualEditor extension in MediaWiki before 1.31.13, and 1.32.x through 1.35.x before 1.35.2. . When using VisualEditor to edit a MediaWiki user page belonging to an existing, but hidden, user, VisualEditor will disclose that the user exists. (It…

  • CVE-2019-19708Dec 11, 2019
    risk 0.00cvss epss 0.01

    The VisualEditor extension through 1.34 for MediaWiki allows XSS via pasted content containing an element with a data-ve-clipboard-key attribute.