Tag

WHM

5 briefs RSS

WHM, cPanel, and WP Squared Vulnerability Allows Remote Code Execution

A vulnerability exists in WHM, cPanel, and WP Squared, Linux-based web hosting control panels, which could allow for remote code execution by bypassing authentication and gaining administrative access.

cPanel +2 vulnerability rce whm wp squared linux

2r 1t May 4, 2026

critical advisory

cPanel and WHM Authentication Bypass Vulnerability (CVE-2026-41940)

2 rules 1 TTP 1 CVE

An authentication bypass vulnerability in cPanel and WHM versions prior to 11.110.0.97, 11.118.0.63, 11.126.0.54, 11.132.0.29, 11.134.0.20, and 11.136.0.5 allows unauthenticated remote attackers to gain unauthorized access to the control panel.

WHM +1 cpanel authentication-bypass CVE-2026-41940 webserver

2r 1t 1c Apr 29, 2026

high advisory

cPanel/WHM Local Privilege Escalation Vulnerability

2 rules 1 TTP

A local attacker can exploit a vulnerability in cPanel/WHM to escalate their privileges.

privilege-escalation cpanel whm

2r 1t Apr 1, 2026

high advisory

Multiple Vulnerabilities in cPanel/WHM

2 rules 2 TTPs

An anonymous remote attacker can exploit multiple vulnerabilities in cPanel/WHM to bypass security measures, perform XSS and SSRF attacks, disclose information, and potentially execute code.

cPanel WHM XSS SSRF vulnerability

2r 2t Mar 24, 2026

critical advisory

WebPros cPanel & WHM and WP2 Authentication Bypass Vulnerability (CVE-2026-41940)

2 rules 1 TTP 1 CVE

CVE-2026-41940 is an authentication bypass vulnerability in WebPros cPanel & WHM and WP2 (WordPress Squared) that allows unauthenticated remote attackers to gain unauthorized access to the control panel.

cPanel & WHM +1 cpanel whm wp2 wordpress authentication-bypass cve-2026-41940 initial-access

2r 1t 1c Jan 3, 2024