Skip to content
The Nexus
DossierENTITY

WP Squared

Coverage of WP Squared in the Nexus archive.

Earliest in view: Apr 30 · 11:40 UTCMost recent: Apr 30 · 20:49 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYApr 30 · 20:49 UTCCYBERSCOOP
    cPanel’s authentication bypass bug is being exploited in the wild, CISA warns

    cPanel's authentication bypass vulnerability (CVE-2026-41940) is being actively exploited, affecting all supported versions since 11.40 and WP Squared. CISA added it to its KEV list, while cPanel released a patch addressing the flaw, which allows attackers to inject malicious data during login to bypass authentication.

  • SECURITYApr 30 · 11:40 UTCBLEEPING COMPUTER
    Critical cPanel and WHM bug exploited as a zero-day, PoC now available

    A critical authentication bypass vulnerability (CVE-2026-41940) in cPanel, WHM, and WP Squared is being actively exploited in the wild as a zero-day attack, with proof-of-concept (PoC) code now available. The flaw has been leveraged since late February, highlighting urgent security risks for users of these platforms.

WP Squared · Dossier · The Nexus