wp-graphql.md

File metadata and controls

154 lines (144 loc) · 9.5 KB

wp-graphql

## Table of Contents

- About
- Security Considerations
- Request Validations
- Notable Vulnerabilities
- Security Disclosure

## About

- Language: php
- Source: https://github.com/wp-graphql/wp-graphql
- Documentation: https://www.wpgraphql.com/

## Security Considerations

wp-graphql provides the following features which should be taken into consideration:

| Field Suggestions | Query Depth Limit | Query Cost Analysis | Automatic Persisted Queries | Introspection | Debug Mode | Batch Requests |
|---|---|---|---|---|---|---|
| Enabled by Default | ⚠️ Disabled by Default | ⚠️ Disabled by Default | No Support | Enabled by Default | No Support | ⚠️ Disabled by Default |

## Request Validations

Total Validation Count: 38

wp-graphql is based on graphql-php, which implements the validation rules listed below in addition to its own extra validations:

| Document Validations | Operation Validations | Field Validations | Argument Validations | Fragment Validations | Value Validations | Directive Validations | Variable Validations | Misc. Validations |
|---|---|---|---|---|---|---|---|---|
| Executable Definitions | Lone Anonymous Operation | Fields on Correct Type | Known Argument Names | Fragments On Composite Types | Known Type Names | Known Directives | No Undefined Variables | Query Complexity |
| Lone Schema Definition | Unique Operation Names | Overlapping Fields Can Be Merged | Known Argument Names On Directives | Known Fragment Names | Possible Type Extensions | Unique Directive Names | No Unused Variables | Query Depth |
| | | Scalar Leafs | Provided Required Arguments | No Fragment Cycles | Unique Enum Value Names | Unique Directives Per Location | Unique Variable Names | Disable Introspection |
| | | Single Field Subscription | Unique Argument Names | No Unused Fragments | Unique Operation Types | | Variables Are Input Types | Require Authentication |
| | | Unique Input Field Names | Provided Required Arguments On Directives | Possible Fragment Spreads | Unique Type Names | | Variables In Allowed Position | |
| | | | | Unique Fragment Names | Values Of Correct Type | | | |

## Notable Vulnerabilities
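The security-considerations table above records that wp-graphql ships with query depth limiting and query cost analysis disabled and introspection enabled, while the validation table shows that the underlying graphql-php library already provides `Query Depth`, `Query Complexity` and `Disable Introspection` rules. The following is an added example, not code from the wp-graphql project, showing how a site operator could register those graphql-php rules (the real `GraphQL\Validator\Rules\QueryDepth`, `QueryComplexity` and `DisableIntrospection` classes from webonyx/graphql-php) from a WordPress must-use plugin. The `graphql_validation_rules` filter name and the shape of its `$rules` argument are assumptions about wp-graphql's hook API, and the depth and complexity limits are constructed values to be tuned per site.

```php
<?php
/**
 * Added example (not wp-graphql project code): tighten wp-graphql's defaults
 * by registering graphql-php's built-in QueryDepth, QueryComplexity and
 * DisableIntrospection validation rules from a WordPress mu-plugin.
 *
 * Assumptions, not taken from the page: the 'graphql_validation_rules' filter
 * name and that it receives the array of graphql-php ValidationRule objects
 * keyed by rule name. The three rule classes and their constructors are real
 * webonyx/graphql-php APIs.
 */

use GraphQL\Validator\Rules\DisableIntrospection;
use GraphQL\Validator\Rules\QueryComplexity;
use GraphQL\Validator\Rules\QueryDepth;

// Constructed limits; tune per site. Depth counts nested selection sets,
// complexity counts fields (each field costs 1 unless the schema says otherwise).
const EXAMPLE_MAX_QUERY_DEPTH      = 10;
const EXAMPLE_MAX_QUERY_COMPLEXITY = 500;

add_filter( 'graphql_validation_rules', function ( array $rules ) {
    // Depth and cost limits apply to every request: a logged-in user can still
    // send deeply nested or expensive queries, so these are not tied to auth.
    $rules['QueryDepth']      = new QueryDepth( EXAMPLE_MAX_QUERY_DEPTH );
    $rules['QueryComplexity'] = new QueryComplexity( EXAMPLE_MAX_QUERY_COMPLEXITY );

    // Reject __schema / __type introspection for anonymous visitors only, so
    // tooling used by logged-in developers keeps working.
    if ( ! is_user_logged_in() ) {
        $rules['DisableIntrospection'] = new DisableIntrospection( DisableIntrospection::ENABLED );
    }

    return $rules;
}, 10, 1 );
```

With these rules in place a request that exceeds the depth or complexity budget, or that asks for introspection anonymously, fails validation before any resolver runs, so the cost of an abusive query is bounded at parse time rather than at execution time. The `is_user_logged_in()` branch is deliberately restricted to the introspection rule: the depth and complexity caps guard against resource exhaustion regardless of who sends the query.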

| CVE ID | Date | Score | Description |
|---|---|---|---|
| CVE-2019-9881 | 2019-06-10 | 5.0 | The createComment mutation in the WPGraphQL 0.2.3 plugin for WordPress allows unauthenticated users to post comments on any article, even when 'allow comment' is disabled. |
| CVE-2019-9880 | 2019-06-10 | 6.4 | An issue was discovered in the WPGraphQL 0.2.3 plugin for WordPress. By querying the 'users' RootQuery, it is possible for an unauthenticated attacker to retrieve all WordPress users' details such as email address, role, and username. |
| CVE-2019-9879 | 2019-06-10 | 7.5 | The WPGraphQL 0.2.3 plugin for WordPress allows remote attackers to register a new user with admin privileges, whenever new user registrations are allowed. This is related to the registerUser mutation. |

## Security Disclosure

https://github.com/wp-graphql/wp-graphql/issues