WPGraphQL, CVE-2021-31157

CVE, Research URL: CVE-2021-31157
Home page URL: Security reports for WPGraphQL
Application: WPGraphQL
Published on: -
Research Description: The WPGraphQL plugin for WordPress is vulnerable to Denial of Service via field duplication in versions up to, and including, 1.3.5. This makes it possible for unauthenticated attackers to rapidly duplicate fields and queries resulting in OOM and MySQL connection errors.
Affected versions: max 1.3.5.
Status: vulnerable