Tag: cpanel plugin flaw

2 articles

Rack of computer servers in a data center with a server control panel interface on screen.

CISA Warns of Actively Exploited cPanel Plugin Flaw

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a critical cPanel plugin flaw, CVE-2026-54420, that's being actively exploited by hackers, posing a significant risk to all user-end plugin versions prior to 2.4.8. This vulnerability allows attackers to escalate privileges to root, putting your online security at risk.

Analyst 207Jun 16, 2026

Server room with rows of equipment, focusing on a single server screen displaying a plugin interface.

CISA Mandates Emergency Patch for Exploited cPanel Plugin Flaw

A critical vulnerability in the LiteSpeed cPanel plugin, known as CVE-2026-48172, is being actively exploited by remote attackers, allowing them to execute arbitrary scripts with root privileges. CISA has issued an emergency patch, giving affected users just four days to update and protect themselves.

Analyst 207May 27, 2026