This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: A critical Access Control Error in **WPGraphQL** (v0.2.3). <br>β οΈ **Consequences**: Attackers can bypass security to register **Admin** accounts. Total site compromise is imminent! π
Q2Root Cause? (CWE/Flaw)
π‘οΈ **Root Cause**: Flawed logic in the `registerUser` mutation. <br>β **Flaw**: No proper permission checks for user creation. <br>π **CWE**: Access Control Error (Implicit in description).
Q3Who is affected? (Versions/Components)
π― **Affected**: WordPress sites using **WPGraphQL** plugin. <br>π¦ **Version**: Specifically **v0.2.3**. <br>π **Context**: PHP/MySQL blog platforms.
Q4What can hackers do? (Privileges/Data)
π **Hackers Can**: <br>1οΈβ£ Register new users. <br>2οΈβ£ Grant **Admin Privileges** automatically. <br>3οΈβ£ Gain full control over the WordPress dashboard. π
Q5Is exploitation threshold high? (Auth/Config)
β‘ **Threshold**: **LOW**. <br>π **Auth**: Remote (No login needed). <br>βοΈ **Config**: Only requires **User Registration** to be enabled on the site. Easy to trigger!
Q6Is there a public Exp? (PoC/Wild Exploitation)
π₯ **Public Exp?**: **YES**. <br>π **PoC**: Available on GitHub (pentestpartners/snippets). <br>π οΈ **Tools**: Nuclei templates exist. Wild exploitation is highly likely.
Q7How to self-check? (Features/Scanning)
π **Self-Check**: <br>1οΈβ£ Scan for WPGraphQL plugin version. <br>2οΈβ£ Check if `registerUser` mutation is exposed. <br>3οΈβ£ Use Nuclei templates for automated detection. π‘
Q8Is it fixed officially? (Patch/Mitigation)
β **Fixed?**: **YES**. <br>π¦ **Patch**: Upgrade to **v0.3.0** or later. <br>π **Source**: Official GitHub release notes confirm the fix.