Description
The WordPress plugin WPGraphQL is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently create administrative users, post comments on articles while bypassing article restrictions and global moderation, retrieve the content of password-protected posts, articles and pages, retrieve the full list of registered users, or retrieve the full list of media, comments, themes and plugins. WPGraphQL version 0.2.3 is vulnerable; prior versions may also be affected.
Remediation
Update the plugin to version 0.3.0 or the latest version.
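To confirm which installs still need the update, the following added example (not code from the advisory or from the WPGraphQL project) reads the standard WordPress plugin header in each plugin directory and flags WPGraphQL copies older than 0.3.0. It assumes the header names the plugin "WPGraphQL" or "WP GraphQL"; the directory and file names in `demo()` are constructed sample data.

```python
import re
import tempfile
from pathlib import Path

FIXED = (0, 3, 0)  # first fixed release according to the advisory
# WordPress plugin header fields ("Plugin Name: ...", "Version: ...").
HEADER = re.compile(r"^[ \t/*#@]*(Plugin Name|Version):[ \t]*(.+)$", re.M | re.I)

def parse_version(text):
    """'0.2.3' -> (0, 2, 3); returns None when no leading number is present."""
    m = re.match(r"\d+(?:\.\d+)*", text.strip())
    if not m:
        return None
    parts = [int(p) for p in m.group(0).split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def read_header(php_file):
    """Read the header fields from the first 8 KiB of a plugin file."""
    head = php_file.read_bytes()[:8192].decode("utf-8", "replace")
    return {k.lower(): v.strip() for k, v in HEADER.findall(head)}

def audit_plugins(plugins_dir):
    """Return (directory, version, status) for each WPGraphQL copy found."""
    findings = []
    for php in sorted(Path(plugins_dir).glob("*/*.php")):
        fields = read_header(php)
        # Assumption: the plugin names itself "WPGraphQL" or "WP GraphQL".
        if fields.get("plugin name", "").replace(" ", "").lower() != "wpgraphql":
            continue
        version = parse_version(fields.get("version", ""))
        status = ("unknown" if version is None
                  else "vulnerable" if version < FIXED else "fixed")
        findings.append((php.parent.name, fields.get("version", ""), status))
    return findings

def demo():
    """Audit a constructed plugins tree (sample data, not real installs)."""
    samples = {"gql-a": ("WP GraphQL", "0.2.3"), "gql-b": ("WPGraphQL", "0.3.0"),
               "gql-c": ("WPGraphQL", "trunk"), "other": ("Other Plugin", "0.1")}
    with tempfile.TemporaryDirectory() as root:
        for name, (title, version) in samples.items():
            Path(root, name).mkdir()
            Path(root, name, "plugin.php").write_text(
                f"<?php\n/**\n * Plugin Name: {title}\n * Version: {version}\n */\n")
        return audit_plugins(root)

if __name__ == "__main__":
    for finding in demo():
        print(*finding, sep="\t")
```

On a real host, call `audit_plugins()` with the site's plugins directory; an "unknown" status means the version string could not be parsed and the copy should be checked by hand.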
References
https://www.pentestpartners.com/security-blog/pwning-wordpress-graphql/
https://github.com/pentestpartners/snippets/blob/master/wp-graphql0.2.3_exploit.py
https://www.exploit-db.com/exploits/46886
https://github.com/wp-graphql/wp-graphql/releases/tag/v0.3.0