CVE-2019-9881

MEDIUM · EXPLOITED IN THE WILD · NUCLEI

WPGraphQL 0.2.3 - Unauthenticated Comment Posting

Title source: llm

Description

The createComment mutation in the WPGraphQL 0.2.3 plugin for WordPress allows unauthenticated users to post comments on any post, even when comments are disabled for that post ("Allow comments" unchecked). The mutation neither requires a logged-in user nor honours the per-post comment setting, so the usual WordPress comment-form checks are bypassed.

Exploits (1)

exploitdb WORKING POC
by Simone Quatrini · python · webapps · php
https://www.exploit-db.com/exploits/46886

Nuclei Templates (1)

WPEngine WPGraphQL 0.2.3 - Unauthenticated Comment Posting
MEDIUM · VERIFIED · by intelligent-ears
Shodan: http.title:"WordPress" "graphql"
FOFA: body="/wp-content/plugins/wp-graphql/"

Scores

CVSS v3 5.3
EPSS 0.3068
EPSS Percentile 96.7%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Details

VulnCheck KEV 2021-04-12
InTheWild.io 2021-04-12
CWE
CWE-306 Missing Authentication for Critical Function
Status published
Products (1)
wpengine/wpgraphql 0.2.3
Published Jun 10, 2019
Tracked Since Feb 18, 2026