Filtered by vendor Wpgraphql
Subscriptions
Filtered by product Wpgraphql
Subscriptions
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2019-25060 | 1 Wpgraphql | 1 Wpgraphql | 2024-11-21 | 5.3 Medium |
The WPGraphQL WordPress plugin before 0.3.5 doesn't properly restrict access to information about other users' roles on the affected site. Because of this, a remote attacker could forge a GraphQL query to retrieve the account roles of every user on the site. |
Page 1 of 1.