The createComment mutation in the WPGraphQL 0.2.3 plugin for WordPress allows unauthenticated users to post comments on any article, even when ‘allow comment’ is disabled.
Source: NIST Vulnerability
CVE-2019-9881 (wpgraphql)
Information Security newsfeeds from around the world in English and French. Find it all in one place since 2004. You'll find online the last 5 years.
The createComment mutation in the WPGraphQL 0.2.3 plugin for WordPress allows unauthenticated users to post comments on any article, even when ‘allow comment’ is disabled.
Source: NIST Vulnerability
CVE-2019-9881 (wpgraphql)