CVE-2026-32993 | WebPros cPanel/WP Squared prior 11.132.0.32/11.134.0.26/11.136.0.10 Query Parameter /unprotected/nova_error Status crlf injection

A vulnerability classified as problematic was found in WebPros cPanel and WP Squared. This vulnerability affects unknown code of the file /unprotected/nova_error of the component Query Parameter Handler. The manipulation of the argument Status results in crlf injection.

This vulnerability is reported as CVE-2026-32993. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is advised.VulDB Recent EntriesRead More