CVE-2019-9880

Published: Jun 10, 2019Modified: Nov 21, 2024

9.1

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Exploitability: 3.9 / Impact: 5.2

Source: NVD

Description

An issue was discovered in the WPGraphQL 0.2.3 plugin for WordPress. By querying the 'users' RootQuery, it is possible, for an unauthenticated attacker, to retrieve all WordPress users details such as email address, role, and username.

Affected (1)

Products: Wpengine: Wpgraphql

Wpengine

1 product

Wpgraphql

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Wpengine Wpgraphql	Version 0.2.3

Related CWEs

CWE-306

Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

References (10)

http://packetstormsecurity.com/files/153025/WordPress-WPGraphQL-0.2.3-Authentication-Bypass-Information-Disclosure.html

Source: cve@mitre.org

ExploitThird Party AdvisoryVDB Entry

https://github.com/pentestpartners/snippets/blob/master/wp-graphql0.2.3_exploit.py

Source: cve@mitre.org

ExploitThird Party Advisory

https://github.com/wp-graphql/wp-graphql/releases/tag/v0.3.0

Source: cve@mitre.org

Release NotesThird Party Advisory

https://wpvulndb.com/vulnerabilities/9282

Source: cve@mitre.org

Vendor Advisory

https://www.pentestpartners.com/security-blog/pwning-wordpress-graphql/

Source: cve@mitre.org

ExploitThird Party Advisory

http://packetstormsecurity.com/files/153025/WordPress-WPGraphQL-0.2.3-Authentication-Bypass-Information-Disclosure.html