CVE-2004-1584
EPSS 16.0%Published: 12/31/2004Modified: 5/27/2026
Description
CRLF injection vulnerability in wp-login.php in WordPress 1.2 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the text parameter.
Affected packages (1)
- Debian/wordpressfrom 0, < 1.2.1-1.1