EIP-2026-113481
PRE-CVEWordPress Core 1.2 - 'wp-login.php' HTTP Response Splitting
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-113481. PoCs published by Chaotic Evil.
AI-analyzed exploit summary This exploit demonstrates an HTTP response splitting vulnerability in WordPress by injecting malicious headers and content into a POST request to wp-login.php. The attack manipulates the server's response to include arbitrary content, potentially leading to cache poisoning or phishing attacks.
Description
WordPress Core 1.2 - 'wp-login.php' HTTP Response Splitting
Exploits (1)
This exploit demonstrates an HTTP response splitting vulnerability in WordPress by injecting malicious headers and content into a POST request to wp-login.php. The attack manipulates the server's response to include arbitrary content, potentially leading to cache poisoning or phishing attacks.