CVE-2025-6593 – “{{SITENAME}} registered email address has been changed” email sent to unverified email addresses

CVE ID : CVE-2025-6593

Published : Feb. 2, 2026, 11:01 p.m. | 15 minutes ago

Description : Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/user/User.Php.

This issue affects MediaWiki: from 1.27.0 before 1.39.13, 1.42.7 1.43.2, 1.44.0.

Severity: 2.1 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2025-15556 – Notepad++ < 8.8.9 WinGUp Updater Lacks Update Integrity Verification

CVE-2025-12773 – Plain password is generated in the audit logs while executing update-reports-purge-settings.sh script with Brocade SANnav before 2.4.0a

CVE-2025-11173 – Reauth for enabling 2FA can be bypassed by submitting a form

CVE-2025-11261 – Stored i18n XSS exposed by security patch for T402077