CVE-2026-4132
CVE-2026-4132 affects the WordPress HTTP Headers plugin up to version 1.19.2. The vulnerability arises from insufficient validation of the htpasswd path (hh_htpasswd_path) and lack of sanitization of the hh_www_authenticate_user value, allowing an authenticated Administrator+ to cause Remote Code...