Jump to content

Security Patch Released for 7.3, 7.4 and 7.5

Recommended Posts

Security Patch Released for 7.3, 7.4 and 7.5

Four potential security issues have been identified in WHMCS 7.5 and earlier. It is recommended that you apply this patch as soon as possible.

The issues resolved include:
- Project permissions within the Project Management addon
- Potential XSS on admin homepage
- Improper client password reset logic
- Improper admin access to remote servers via WHMCS Connect

You can apply this patch using the Automatic Updater. The Auto-Updater allows you to apply the patch to your current version, or update to the latest available version (7.5.2) of WHMCS. Learn more

Alternatively, you can download the patch for your version at https://download.whmcs.com/#patch. To install the patch:

1) Download the appropriate files for your version of WHMCS
2) Upload all files found within the zip file to the root WHMCS directory overwriting any existing files

If you are using WHMCS 7.2 or earlier, you should upgrade to WHMCS 7.5.2.

Respective Release Notes:
7.3: https://docs.whmcs.com/Version_7.3.1_Release_Notes
7.4: https://docs.whmcs.com/Version_7.4.3_Release_Notes
7.5: https://docs.whmcs.com/Version_7.5.2_Release_Notes


For the original announcement, please see our blog: https://blog.whmcs.com/133497/security-patch-released-for-73-74-and-75

  • Like 1

Share this post

Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.


Important Information

By using this site, you agree to our Terms of Use & Guidelines