Approved changes feed: RSS · Atom

cpe:2.3:a:wpengine:wpgraphql:*:*:*:*:*:wordpress:*:*

part: a version: * update: *

VendorWpengine (e497888d-6961-5f9a-82ea-2da6d8712318)
ProductWpgraphql (78481cae-9926-5f59-a9aa-f08c90b5e3c3)
Edition*
Language*
Software edition*
Target softwarewordpress
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-23684 vulnerable 2026-06-08 05:56:04.197993 WordPress WPGraphQL Plugin <= 1.14.5 is vulnerable to Server Side Request Forgery (SSRF)
MEDIUM (4.4)
Server-Side Request Forgery (SSRF) vulnerability in WPGraphQL.This issue affects WPGraphQL: from n/a through 1.14.5.
Published: 2023-11-13T03:01:23.142Z
Updated: 2026-04-28T16:08:00.673Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-1563 vulnerable 2026-06-08 05:39:13.462121 WPGraphQL WooCommerce <= 0.11.0 - Unauthenticated Coupon Codes Disclosure
The WPGraphQL WooCommerce WordPress plugin before 0.12.4 does not prevent unauthenticated attackers from enumerating a shop's coupon codes and values via GraphQL.
Published: 2024-01-16T15:50:08.325Z
Updated: 2025-06-20T16:56:50.304Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.