CVE-2025-62658 – SQL injection in WatchAnalytics through Special:ClearPendingReviews

CVE ID : CVE-2025-62658

Published : Oct. 20, 2025, 8:23 p.m. | 18 minutes ago

Description : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in The Wikimedia Foundation MediaWiki WatchAnalytics extension allows SQL Injection.This issue affects MediaWiki WatchAnalytics extension: 1.43, 1.44.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…