CVE-2025-68604

Name of the Vulnerable Software and Affected Versions WPGraphQL versions prior to 2.5.4

Description A Cross-Site Request Forgery (CSRF) flaw in WPGraphQL allows an attacker to induce a user to perform unintended actions. CSRF is a type of attack where a malicious website tricks a user's browser into sending an unauthorized request to a web application where the user is authenticated.

Recommendations Update to version 2.5.4 or later.