The plugin does not prevent unauthenticated attackers from enumerating a shop's coupon codes and values via GraphQL.Read More ...
Continue ReadingAugust 02, 2022
The plugin does not prevent unauthenticated attackers from enumerating a shop's coupon codes and values via GraphQL. ### PoC The PoC will be displayed on August 09, 2022, to give users the time to up ...
Continue ReadingAugust 02, 2022
graphql-go (aka GraphQL for Go) through 0.8.0 has infinite recursion in the type definition parser.Read More ...
Continue ReadingAugust 01, 2022
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
Continue ReadingAugust 01, 2022
Unauthenticated Coupon Codes Disclosure vulnerability discovered by Rohan Pagey in WordPress WPGraphQL WooCommerce plugin (versions Read More ...
Continue ReadingJuly 27, 2022
![](https://pbs.twimg.com/media/FYnY0TGUsAAMrta?format=jpg&name=large) _Aloha_, Spring fans! I'm on vacation, reporting to you from the paradise-like island of Maui, Hawaii, and hoping that you're ...
Continue ReadingJuly 26, 2022
# CVE-2022-2466 Request-Context-not-terminated-with-GraphQL ## ...Read More ...
Continue ReadingJuly 26, 2022
Learn about the security capabilities of GraphQL and gRPC, how they perform authentication/authorization, and how they compare to REST. In addition, discover common attack vectors for both API framewo ...
Continue ReadingJuly 07, 2022
Back to Main