Vulnerabilities > API Bearer Auth Project

DATE CVE VULNERABILITY TITLE RISK
2019-09-15 CVE-2019-16332 Cross-site Scripting vulnerability in API Bearer Auth Project API Bearer Auth
In the api-bearer-auth plugin before 20190907 for WordPress, the server parameter is not correctly filtered in the swagger-config.yaml.php file, and it is possible to inject JavaScript code, aka XSS.
network
low complexity
api-bearer-auth-project CWE-79
6.1