Description In MediaWiki through 1.37, blocked IP addresses are allowed to edit EntitySchema items. Remediation References CVE-2021-45471 Related Vulnerabilities WordPress Plugin Social Media Tab Remote Code Execution (1.0.9) WordPress Plugin UserPro-Community and User Profile Privilege Escalation (4.9.20) Sqlite Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-35527) Joomla! Core 3.x.x Security Bypass (3.0.0 - 3.2.4) WordPress Plugin Slideshow Gallery 2 'border' Parameter Cross-Site Scripting (1.1.4) Severity Medium Classification CVE-2021-45471 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Tags Missing Update Known Vulnerabilities