Remote Code Execution Vulnerability in WPGraphQL 0.2.3 Plugin for WordPress

Remote Code Execution Vulnerability in WPGraphQL 0.2.3 Plugin for WordPress

CVE-2019-9879 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The WPGraphQL 0.2.3 plugin for WordPress allows remote attackers to register a new user with admin privileges, whenever new user registrations are allowed. This is related to the registerUser mutation.

Learn more about our Wordpress Pen Testing.