Unrated severityNVD Advisory· Published Jun 10, 2019· Updated Aug 4, 2024
CVE-2019-9879
CVE-2019-9879
Description
The WPGraphQL 0.2.3 plugin for WordPress allows remote attackers to register a new user with admin privileges, whenever new user registrations are allowed. This is related to the registerUser mutation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/WPGraphQLdescription
Patches
Vulnerability mechanics
References
5- packetstormsecurity.com/files/153025/WordPress-WPGraphQL-0.2.3-Authentication-Bypass-Information-Disclosure.htmlmitrex_refsource_MISC
- github.com/pentestpartners/snippets/blob/master/wp-graphql0.2.3_exploit.pymitrex_refsource_MISC
- github.com/wp-graphql/wp-graphql/releases/tag/v0.3.0mitrex_refsource_CONFIRM
- wpvulndb.com/vulnerabilities/9282mitrex_refsource_MISC
- www.pentestpartners.com/security-blog/pwning-wordpress-graphql/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.