CVE-2004-1584

Name of the Vulnerable Software and Affected Versions WordPress version 1.2

Description A CRLF injection issue in the wp-login.php file allows remote attackers to perform HTTP Response Splitting attacks. This is achieved by modifying the expected HTML content from the server via the text parameter in the /wp-login.php endpoint.

Recommendations For WordPress version 1.2, update to a newer version to mitigate the risk. As a temporary workaround, consider restricting access to the wp-login.php file to minimize the risk of exploitation. Avoid using the text parameter in the affected endpoint until the issue is resolved.