CVE-2004-1584
EPSS 16.0%
Description
CRLF injection vulnerability in wp-login.php in WordPress 1.2 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the text parameter.
How to fix CVE-2004-1584
To remediate CVE-2004-1584, upgrade the affected package to a fixed version below.
- Debian/wordpress—upgrade to 1.2.1-1.1 or later
Is CVE-2004-1584 being exploited?
Moderate — EPSS is 16.0%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 1.2.1-1.1