WPGraphQL WooCommerce <= 0.11.0 – Unauthenticated Coupon Codes Disclosure

The plugin does not prevent unauthenticated attackers from enumerating a shop's coupon codes and values via GraphQL.Read More ...

Continue Reading
WPGraphQL WooCommerce <= 0.11.0 – Unauthenticated Coupon Codes Disclosure

The plugin does not prevent unauthenticated attackers from enumerating a shop's coupon codes and values via GraphQL. ### PoC The PoC will be displayed on August 09, 2022, to give users the time to up ...

Continue Reading
CVE-2022-37315

graphql-go (aka GraphQL for Go) through 0.8.0 has infinite recursion in the type definition parser.Read More ...

Continue Reading
CVE-2022-31173

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...

Continue Reading
WordPress WPGraphQL WooCommerce plugin <= 0.11.0 – Unauthenticated Coupon Codes Disclosure vulnerability

Unauthenticated Coupon Codes Disclosure vulnerability discovered by Rohan Pagey in WordPress WPGraphQL WooCommerce plugin (versions Read More ...

Continue Reading
This Week in Spring – July 26th, 2022

![](https://pbs.twimg.com/media/FYnY0TGUsAAMrta?format=jpg&name=large) _Aloha_, Spring fans! I'm on vacation, reporting to you from the paradise-like island of Maui, Hawaii, and hoping that you're ...

Continue Reading
Exploit for CVE-2022-2466

# CVE-2022-2466 Request-Context-not-terminated-with-GraphQL ## ...Read More ...

Continue Reading
GraphQL vs gRPC: Which One Creates More Secure APIs?

Learn about the security capabilities of GraphQL and gRPC, how they perform authentication/authorization, and how they compare to REST. In addition, discover common attack vectors for both API framewo ...

Continue Reading

Back to Main

Subscribe for the latest news: