WordPress Plugin Vulnerabilities
HTTP Headers <= 1.19.2 - Administrator+ CRLF Injection via Custom Header Values
Description
The plugin is vulnerable to CRLF Injection due to insufficient sanitization of custom header name and value fields before writing them to the Apache .htaccess file via `insert_with_markers()`. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary newline characters and additional Apache directives into the .htaccess configuration file via the 'Custom Headers' settings, leading to Apache configuration parse errors and potential site-wide denial of service.
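As an added illustration of the defect class and its fix (example code, not the plugin's own), the following PHP builds .htaccess lines from custom header fields in the vulnerable way and in a validated way. The `Header set` directive format and the `hh_example_*` function names are assumptions; `insert_with_markers()` and `get_home_path()` are WordPress core functions.

```php
<?php
// Added example, not the plugin's code. It shows the defect class described above:
// a header value containing "\n" becomes an extra line in .htaccess when the lines are
// handed to WordPress core's insert_with_markers( $filename, $marker, $insertion ),
// which writes each element of $insertion as its own line between the markers.
// The "Header set" directive format and the hh_example_* names are assumptions.

/** Throw unless $name is an RFC 7230 token and $value is a single line (no CR/LF). */
function hh_example_validate_header( string $name, string $value ): array {
    if ( ! preg_match( '/^[A-Za-z0-9!#$%&\'*+.^_`|~-]+$/', $name ) ) {
        throw new InvalidArgumentException( "Header name '$name' contains disallowed characters." );
    }
    if ( preg_match( '/[\r\n]/', $value ) ) {
        throw new InvalidArgumentException( "Header value for '$name' must not contain line breaks." );
    }
    return array( $name, $value );
}

/** Vulnerable pattern: user-supplied fields are interpolated verbatim into directives. */
function hh_example_build_lines_unsafe( array $headers ): array {
    $lines = array();
    foreach ( $headers as $name => $value ) {
        $lines[] = "Header set {$name} \"{$value}\""; // a "\n" inside $value splits the directive
    }
    return $lines;
}

/** Hardened pattern: validate first, then escape quotes so the value stays one argument. */
function hh_example_build_lines_safe( array $headers ): array {
    $lines = array();
    foreach ( $headers as $name => $value ) {
        list( $n, $v ) = hh_example_validate_header( $name, $value );
        $lines[] = sprintf( 'Header set %s "%s"', $n, str_replace( '"', '\\"', $v ) );
    }
    return $lines;
}

// Constructed input: one legitimate header and one whose value carries an embedded newline.
$headers = array(
    'X-Frame-Options' => 'SAMEORIGIN',
    'X-Example'       => "ok\n# this text would become a second .htaccess line",
);

$unsafe = implode( "\n", hh_example_build_lines_unsafe( $headers ) );
echo 'Unsafe output line count (expected 2 for 2 headers): ' . count( explode( "\n", $unsafe ) ) . "\n";

try {
    hh_example_build_lines_safe( $headers );
} catch ( InvalidArgumentException $e ) {
    echo 'Rejected before reaching insert_with_markers(): ' . $e->getMessage() . "\n";
}
// In the plugin context the validated lines would be written with
// insert_with_markers( get_home_path() . '.htaccess', 'Example Marker', $lines ).
```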
Affects Plugins
References
Classification
Type
INJECTION
OWASP top 10
CVSS
Miscellaneous
Original Researcher
Kai Aizen
Verified
No
WPVDB ID
Timeline
Publicly Published
2026-04-21
Added
2026-04-22
Last Updated
2026-04-22