Multiple Vulnerabilities in cPanel/WHM Allow Security Bypass, XSS, SSRF, Information Disclosure, and Potential Code Execution

72% confidence

Description

An anonymous remote attacker can exploit multiple vulnerabilities in cPanel/WHM to bypass security measures, perform cross-site scripting (XSS) and server-side request forgery (SSRF) attacks, disclose information, and potentially execute code.

Affected Products

Vendor	Product	Versions
cpanel, l.l.c.	cpanel/whm	—

Related News (1 articles)

Tier B

BSI Advisories3h ago

[UPDATE] [hoch] cPanel cPanel/WHM: Mehrere Schwachstellen

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

PublishedApr 1, 2026

Last enriched2h ago

Community Vote

0 upvotes0 downvotes

Multiple Vulnerabilities in cPanel/WHM Allow Security Bypass, XSS, SSRF, Information Disclosure, and Potential Code Execution

Description

Affected Products

Related News (1 articles)

Community Vote

Pin to Dashboard

Verification

Vulnerability Timeline