CVE-2026-40762 is a HIGH severity vulnerability with a CVSS score of 7.5. It affects WPGraphQL plugin versions prior to 2.11.1, allowing unauthenticated SQL injection attacks. The vulnerability was published on [cvePublishedAt] and last modified on [cveModifiedAt].
CVE-2021-47959 is a high-severity denial-of-service issue in WPGraphQL 1.3.5. According to the supplied record, an unauthenticated attacker can send batched GraphQL queries with duplicated fields to exhaust server resources, leading to out-of-memory conditions and MySQL connection errors. The supplied CVE record was published on 2026-05-15 and modified on 2026-05-18.