WordPress Plugin Vulnerabilities

HTTP Headers <= 1.19.2 - Administrator+ CRLF Injection via Custom Header Values

Description

The plugin is vulnerable to CRLF Injection due to insufficient sanitization of custom header name and value fields before writing them to the Apache .htaccess file via `insert_with_markers()`. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary newline characters and additional Apache directives into the .htaccess configuration file via the 'Custom Headers' settings, leading to Apache configuration parse errors and potential site-wide denial of service.
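As an added example (not the plugin's own code), the following PHP shows the kind of validation that closes this class of bug: each custom header name and value is checked before it becomes an Apache `Header set` directive and is handed to WordPress core's `insert_with_markers()`. The `hh_example_*` function names and the `HttpHeadersExample` marker are hypothetical.

```php
<?php
// Added example, not code from the HTTP Headers plugin. Function names and
// the marker string are placeholders.

/**
 * Return a safe "Header set" directive, or null if the input must be rejected.
 * Refuses anything that could terminate the directive or start a new line in
 * .htaccess: CR, LF, NUL and other control characters, and names that are
 * not an RFC 7230 token.
 */
function hh_example_build_header_directive( string $name, string $value ): ?string {
    // Header field names must be RFC 7230 tokens: no whitespace, quotes or
    // control characters, so a CRLF in the name can never pass.
    if ( ! preg_match( '/^[!#$%&\'*+.^_`|~0-9A-Za-z-]+$/', $name ) ) {
        return null;
    }
    // Reject control characters in the value instead of stripping them, so an
    // attempted injection is refused outright rather than silently mangled.
    if ( preg_match( '/[\x00-\x1F\x7F]/', $value ) ) {
        return null;
    }
    // Escape backslashes and double quotes so the value stays inside the
    // quoted Apache argument.
    $escaped = str_replace( array( '\\', '"' ), array( '\\\\', '\\"' ), $value );
    return 'Header set ' . $name . ' "' . $escaped . '"';
}

/**
 * Build the .htaccess block from user-supplied headers, dropping entries that
 * fail validation, and write it between the plugin's marker comments.
 */
function hh_example_write_headers( string $htaccess_path, array $headers ): bool {
    $lines = array();
    foreach ( $headers as $name => $value ) {
        $directive = hh_example_build_header_directive( (string) $name, (string) $value );
        if ( null !== $directive ) {
            $lines[] = $directive;
        }
    }
    // insert_with_markers() is the WordPress core function named in the
    // advisory; it requires a loaded WordPress environment.
    return insert_with_markers( $htaccess_path, 'HttpHeadersExample', $lines );
}

// Constructed sample input: the second entry carries a CRLF and is refused,
// so only the first directive reaches .htaccess.
$sample_headers = array(
    'X-Frame-Options' => 'SAMEORIGIN',
    'X-Custom'        => "ok\r\nnot-allowed",
);
```

Rejecting rather than stripping also gives the settings page a clear point at which to log the refused input, which is the signal a defender wants when an Administrator account is being misused.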

Affects Plugins

HTTP Headers, versions <= 1.19.2: no known fix

Classification

Type
INJECTION

Miscellaneous

Original Researcher
Kai Aizen
Verified
No

Timeline

Publicly Published
2026-04-21
Added
2026-04-22
Last Updated
2026-04-22
