Tag: authentication bypass

cPanel compromise: CVE-2026-41940 and the Filemanager backdoor

Cybersecurity, Hacking and Exploits Leave a comment
cPanel compromise: CVE-2026-41940 and the Filemanager backdoor

A critical cPanel/WebHost Manager flaw tracked as CVE-2026-41940 is being actively exploited to deploy a cross-platform backdoor known as Filemanager. Security researchers tied the activity to a threat actor using the handle Mr_Rot13, and observed rapid, automated scanning and exploitation from thousands of attacker IPs worldwide. The attacks move quickly from an initial authentication bypass to persistent access via injected

Continue

Critical Flaw in User Registration Membership Plugin (CVE-2026-1492) Lets Attackers Bypass WordPress Authentication

Cybersecurity, Hacking and Exploits, Self Hosted, Web Development Leave a comment
Critical Flaw in User Registration Membership Plugin (CVE-2026-1492) Lets Attackers Bypass WordPress Authentication

A newly disclosed vulnerability in a popular WordPress plugin can allow attackers to log in as administrators without a username or password. Tracked as CVE-2026-1492 and carrying a CVSS v4.0 score of 9.8, the flaw affects all versions of the User Registration Membership plugin up through 5.1.2. The issue was documented in early March 2026 by CYFIRMA researchers and represents

Continue