2 matches found
CVE-2019-16332
CVE-2019-16332 affects the WordPress API Bearer Auth plugin prior to 20190907. The vulnerability arises from improper filtering of the server parameter in swagger-config.yaml.php, enabling cross-site scripting (XSS) and injection of malicious scripts. The issue is documented across multiple sourc...
CVE-2019-16332
In the api-bearer-auth plugin before 20190907 for WordPress, the server parameter is not correctly filtered in the swagger-config.yaml.php file, and it is possible to inject JavaScript code, aka XSS...