Wpengine: >> Wpgraphql >> 0.10.2 Security Vulnerabilities
The WPGraphQL WooCommerce WordPress plugin before 0.12.4 does not prevent unauthenticated attackers from enumerating a shop's coupon codes and values via GraphQL.
CVSS Score
5.3
EPSS Score
0.005
Published
2024-01-16
Server-Side Request Forgery (SSRF) vulnerability in WPGraphQL.This issue affects WPGraphQL: from n/a through 1.14.5.
CVSS Score
4.4
EPSS Score
0.001
Published
2023-11-13