CVE-2019-9880

high-risk
Published 2019-06-10

An issue was discovered in the WPGraphQL 0.2.3 plugin for WordPress. By querying the 'users' RootQuery, it is possible, for an unauthenticated attacker, to retrieve all WordPress users details such as email address, role, and username.

Do I need to act?

!
73.4% chance of exploitation in next 30 days
EPSS score — higher than 27% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
!
1 public exploit available
46886
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.1/10 Critical
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

Wpengine

References (10)

Exploit http://packetstormsecurity.com/files/153025/WordPress-WPGraphQL-0.2.3-Authentica...
Exploit https://github.com/pentestpartners/snippets/blob/master/wp-graphql0.2.3_exploit....
Release Notes https://github.com/wp-graphql/wp-graphql/releases/tag/v0.3.0
Vendor Advisory https://wpvulndb.com/vulnerabilities/9282
Exploit https://www.pentestpartners.com/security-blog/pwning-wordpress-graphql/
Exploit http://packetstormsecurity.com/files/153025/WordPress-WPGraphQL-0.2.3-Authentica...
Exploit https://github.com/pentestpartners/snippets/blob/master/wp-graphql0.2.3_exploit....
Release Notes https://github.com/wp-graphql/wp-graphql/releases/tag/v0.3.0
Vendor Advisory https://wpvulndb.com/vulnerabilities/9282
Exploit https://www.pentestpartners.com/security-blog/pwning-wordpress-graphql/
55
/ 100
high-risk
Severity 31/34 · Critical
Exploitability 19/34 · Moderate
Exposure 5/34 · Minimal