4 matches found
CVE-2022-1563 WPGraphQL WooCommerce <= 0.11.0 - Unauthenticated Coupon Codes Disclosure
The WPGraphQL WooCommerce WordPress plugin before 0.12.4 does not prevent unauthenticated attackers from enumerating a shop's coupon codes and values via GraphQL...
CVE-2022-1563 WPGraphQL WooCommerce <= 0.11.0 - Unauthenticated Coupon Codes Disclosure
The WPGraphQL WooCommerce WordPress plugin before 0.12.4 does not prevent unauthenticated attackers from enumerating a shop's coupon codes and values via GraphQL...
CVE-2022-1563 WPGraphQL WooCommerce <= 0.11.0 - Unauthenticated Coupon Codes Disclosure
The WPGraphQL WooCommerce WordPress plugin before 0.12.4 does not prevent unauthenticated attackers from enumerating a shop's coupon codes and values via GraphQL...
CVE-2022-1563
CVE-2022-1563 affects the WordPress plugin WPGraphQL WooCommerce up to version 0.12.3 (prior to 0.12.4). The vulnerability allows unauthenticated attackers to enumerate a store’s coupon codes and values via GraphQL, exposing sensitive coupon data. This is a graphQL-accessible information disclosu...