Exposures › CVE-2026-48172
LiteSpeed cPanel Plugin allows any user to execute arbitrary root scripts via privilege escalation.
This vulnerability enables any cPanel user to escalate privileges and run arbitrary scripts as root, creating a severe risk for DIB organizations relying on cPanel for sensitive data management. Organizations must immediately patch the plugin and audit user access to prevent unauthorized root access.
Shame score — Privilege escalation in a widely-used cPanel plugin allows any user to execute arbitrary root scripts, representing a critical security failure.
LiteSpeed cPanel Plugin contains privilege escalation vulnerability that is exposed via the user-end cPanel plugin, which can be abused by any cPanel user account to execute arbitrary scripts with root privileges.
No correlated FedRAMP products.