Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Wpgraphql Security Vulnerabilities - CVSS Score 9 - 10

cve
cve

CVE-2019-9879

The WPGraphQL 0.2.3 plugin for WordPress allows remote attackers to register a new user with admin privileges, whenever new user registrations are allowed. This is related to the registerUser mutation.

9.8CVSS

9.3AI Score

0.451EPSS

2019-06-10 06:29 PM
84
cve
cve

CVE-2019-9880

An issue was discovered in the WPGraphQL 0.2.3 plugin for WordPress. By querying the 'users' RootQuery, it is possible, for an unauthenticated attacker, to retrieve all WordPress users details such as email address, role, and username.

9.1CVSS

9.1AI Score

0.039EPSS

2019-06-10 06:29 PM
75