Browse all 2 CVE security advisories affecting wp-graphql. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-33290 | WPGraphQL Repo's updateComment allows low-privileged authenticated users to change comment moderation status (comment_approved) without moderate_comments permission — wp-graphqlCWE-862 | 4.3 | Medium | 2026-03-23 |
| CVE-2026-27938 | WPGraphQL Repo Vulnerable to Command Injection via Unsanitized GitHub Actions Expression in Release Workflow — wp-graphqlCWE-78 | 7.7 | High | 2026-02-26 |
This page lists every published CVE security advisory associated with wp-graphql. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.