Security Update 2021-02-26

A security issue has been identified that affects all versions of WHMCS. As a result, we have published new releases for all actively supported versions of WHMCS as well as a patch which can be...

Read more »

By Matt

Security Advisory 2020-01-28

Hello, We are writing to advise you of a potential security vulnerability when htaccess directives are not enforced appropriately for WHMCS. This most commonly occurs in web server environments such...

Read more »

By Matt

Maintenance Releases for 7.5 and 7.6

Today we have released maintenance updates for the 7.5 and 7.6 series of WHMCS as well as promoted WHMCS 7.7 to General Availability. The 7.5 and 7.6 releases address usability and bug fix...

Read more »

By Matt

Security Patch Released for 7.3, 7.4 and 7.5

Four potential security issues have been identified in WHMCS 7.5 and earlier. It is recommended that you apply this patch as soon as possible. The issues resolved include: - Project permissions...

Read more »

By David

PHPMailer Security Advisory

Exploit type: Remote Code Execution in third-party PHPMailer libraryCVE Numbers: CVE-2016-10033 and CVE-2016-10045 Description All versions of the third-party PHPMailer library distributed with WHMCS...

Read more »

By Matt

Disclosure for Patch Issued 2016-08-02

On August 2nd, 2016 we issued a security patch for the v6 series - https://blog.whmcs.com/?t=116515. The following discloses the related security concern reported through our Security Bounty...

Read more »

By Matt

WHMCS 6.x Security Patch

A security update has been released for all versions of WHMCS V6.x. We evaluate the severity of this issue to be of a Moderate security rating (see Security Level Definitions). We are providing a...

Read more »

By Matt

WHMCS Security Advisory TSR-2016-0001

WHMCS has released new updates for all supported versions of WHMCS. These updates include changes that address security concerns within the WHMCS product. WHMCS has rated these updates as having a...

Read more »

By David

Kayako Loginshare Security Patch

For the attention of users of the Kayako Loginshare Module A security update has been released for all versions of the Kayako Loginshare module for WHMCS This patch addresses an issue that affects...

Read more »

By Matt