The createComment mutation in the WPGraphQL 0.2.3 plugin for WordPress allows unauthenticated users to post comments on any article, even when ‘allow comment’ is disabled.
Source: NIST
CVE-2019-9881 (wpgraphql)
Security in mind
The createComment mutation in the WPGraphQL 0.2.3 plugin for WordPress allows unauthenticated users to post comments on any article, even when ‘allow comment’ is disabled.
Source: NIST
CVE-2019-9881 (wpgraphql)