Is CVE-2026-4132 in the CISA KEV catalog?

No. CVE-2026-4132 is not currently on the CISA Known Exploited Vulnerabilities list.

What is the CVSS severity of CVE-2026-4132?

CVE-2026-4132 has a CVSS v3 base score of 7.2 (HIGH).

What is the EPSS score for CVE-2026-4132?

CVE-2026-4132 has an EPSS score of 1.00% (58th percentile), estimating the probability of exploitation in the next 30 days.

CVE & CISA-KEV Catalog

CVE-2026-4132

HIGH

7.2

CVSS v3

NVD

Description

The HTTP Headers plugin for WordPress is vulnerable to External Control of File Name or Path leading to Remote Code Execution in all versions up to and including 1.19.2. This is due to insufficient validation of the file path stored in the 'hh_htpasswd_path' option and lack of sanitization on the 'hh_www_authenticate_user' option value. The plugin allows administrators to set an arbitrary file path for the htpasswd file location and does not validate that the path has a safe file extension (e.g., restricting to .htpasswd). Additionally, the username field used for HTTP Basic Authentication is written directly into the file without sanitization. The apache_auth_credentials() function constructs the file content using the unsanitized username via sprintf('%s:{SHA}%s', $user, ...), and update_auth_credentials() writes this content to the attacker-controlled path via file_put_contents(). This makes it possible for authenticated attackers, with Administrator-level access and above, to write arbitrary content (including PHP code) to arbitrary file paths on the server, effectively achieving Remote Code Execution.

CWE-73External Control of File Name or Path

CVSS v3 Vector

Exploitability

Attack VectorNetwork

Attack ComplexityLow

Privileges RequiredHigh

User InteractionNone

ScopeUnchanged

Impact

ConfidentialityHigh

IntegrityHigh

AvailabilityHigh

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploit Intelligence

1.00%probability of exploitation in 30 days

58thpercentile

Moderate risk: more likely to be exploited than 58% of all known CVEs.

References

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2026-04-22.