Widgets Project Widgets — known CVE vulnerabilities
Every CVE whose affected-product data names Widgets Project Widgets, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2020-9382 — CVSS 5.4 (medium): An issue was discovered in the Widgets extension through 1.4.0 for MediaWiki. Improper title sanitization allowed for the execution of any…
CVE-2015-6737 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Widgets extension for MediaWiki allows remote attackers to inject arbitrary web script or…