CVE-2019-9880

CRITICAL, EXPLOITED IN THE WILD, NUCLEI

WPGraphQL <0.2.3 - Info Disclosure

Title source: llm

Description

An issue was discovered in the WPGraphQL 0.2.3 plugin for WordPress. By querying the 'users' RootQuery, an unauthenticated attacker can retrieve all WordPress users' details, such as email address, role, and username.

Exploits (1)

exploitdb WORKING POC
python, webapps, php
https://www.exploit-db.com/exploits/46886

Nuclei Templates (1)

WPEngine WPGraphQL 0.2.3 - Unauthenticated User Information Disclosure
CRITICAL, VERIFIED, by intelligent-ears
FOFA: body="/wp-content/plugins/wp-graphql/"

Scores

CVSS v3 9.1
EPSS 0.7343
EPSS Percentile 98.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Details

VulnCheck KEV 2021-04-12
InTheWild.io 2021-04-12
CWE CWE-306
Status published
Products (1)
wpengine/wpgraphql 0.2.3
Published Jun 10, 2019
Tracked Since Feb 18, 2026