Zinoui Http Headers
3 CVEs affecting Zinoui Http Headers. Latest disclosed: 2026-04-22. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-4132 | High | 7.2 | 2026-04-22 | The HTTP Headers plugin for WordPress is vulnerable to External Control of File Name or Path leading to Remote Code Execution in all versions up to and includi… |
CVE-2026-2717 | Medium | 5.5 | 2026-04-22 | The HTTP Headers plugin for WordPress is vulnerable to CRLF Injection in all versions up to, and including, 1.19.2. This is due to insufficient sanitization of… |
CVE-2026-1379 | Medium | 4.4 | 2026-04-22 | The HTTP Headers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.19.2 due to insuf… |