News

Meet WisPanel — The next-gen control panel built for speed, security && simplicity!

Your powerful WisPanel 1.13.19 is here !

: :

Security Hardening: 20+ Vulnerability Fixes

April 7, 2026 58 views

Security Hardening Update

We completed a comprehensive security audit and fixed 20+ vulnerabilities.

Critical Fixes {#critical-fixes}

SQL injection: Database handler name/password validation
Shell injection: WordPress manager uses Go pipes instead of sh -c
Path traversal: Trash delete, upload filename, restore path
Symlink escape: File manager, FTP, WordPress path validation
Privilege escalation: External commands (unrar, ffprobe) now run as user
Unauthenticated endpoints: Setup and SSE endpoints guarded

New Security Features {#new-security-features}

ensureUserDir() helper: symlink-safe directory creation
ACME challenge pre-check before SSL issuance
PECL extension auto-rebuild when system libraries update

[Screenshot: security-audit.png]

Share this article

Twitter LinkedIn

Related Articles

File Manager: Major UX Update

Apr 9, 2026

DirectAdmin Backup Compatibility

Mar 26, 2026

WisPanel 1.0 is Here!

Dec 20, 2025

Table of Contents

Article Info

Published: Apr 7, 2026
Updated: Jun 4, 2026
Views: 58
Reading time: 1 min

Stay Updated

Get notified about new posts.

Welcome back

Sign in to your account to continue

Email address

Password

Remember me Forgot password

Or continue with

Continue with Google

Create your account

Start managing your servers with WisPanel

Full name

Email address

Password

Confirm password

I agree to the Terms and Privacy

Or continue with

Continue with Google