Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-41940 | 1 Cpanel | 3 Cpanel, Whm, Wp Squared | 2026-04-30 | N/A | 9.8 CRITICAL |
| cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel. | |||||
| CVE-2017-11441 | 1 Cpanel | 1 Whm | 2025-04-20 | 3.5 LOW | 5.4 MEDIUM |
| The WHM Upload Locale interface in cPanel before 56.0.51, 58.x before 58.0.52, 60.x before 60.0.45, 62.x before 62.0.27, 64.x before 64.0.33, and 66.x before 66.0.2 has XSS via a locale filename, aka SEC-297. | |||||
| CVE-2012-6449 | 1 Cpanel | 2 Cpanel, Whm | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| The clientconf.html and detailbw.html pages in x3 in cPanel & WHM 11.34.0 (build 8) have a XSS vulnerability. | |||||