New

• Debian 12 and Ubuntu 24.04 with HTTP/3 Support
• Node.js 22 LTS Support
• Translations: Serbian, Georgian

Bug Fixes

• #427 Cannot rename files in file manager
• #430 Comma in cron jobs minute
• #434 I think this should be a bug
• Translation Fixes

New

• Translations: Bosnian

Enhancements

• The issuance of Let's Encrypt certificates is being tested against the staging environment first to avoid rate limit errors
• The performance of creating sites, especially Node.js sites, has been enhanced

Bug Fixes

• #382 phpMyAdmin sorting not working
• #383 Instance Reboot at Admin/Instance/Setting doesn't reboot and block auto login from login pages
• #406 CloudPanel Dashboard doesn't when using the AWS EC2 installer.
• Translation Fixes

Security

• Vulnerability that allows a user with the lowest privilege to conduct a session hijacking, subsequently gaining unauthorized access to the admin and other user accounts. (Muhammad Aizat, datack.my)

New

• PHP 8.3 Support
• Node.js 20 LTS Support
• Translations: Danish, Czech

Enhancements

• The databases are backed up prior to executing remote backup
• The site settings and vhost are being included in the remote backup file
• Updated phpMyAdmin to 5.2.1

Bug Fixes

• #329 duplicate settings key in file-manager.conf
• #338 The original certificate is not removed when you delete a web application
• #355 Login Page Autocomplete/Password Manager Issue
• #359 When you delete a website the nodejs app started with PM2 is not deleted
• #367 phpMyAdmin basic auth doesn't work when CloudPanel basic auth is enableds

Security

• File Manager: New file chown issue (CVE-2023-43880)
• File Manager: Zip symlink (BSDTAR) (CVE-2023-43881)
• Command Injection (Yell Phone Naing)

New

• Translation: Koran, Persian

Enhancements

• Vietnamese, Chinese Translation
• RTL stylesheet improvements

Security

• [#298 MySQL Root Password Leak from site user (Thanks to Yell Phone Naing)](#298)
• Critical: Privilege Escalation to root from user (Thanks to Yell Phone Naing)

Bug Fixes

• #287 Colon in remote cloud backup breaks most filesystems
• #290 File Manager Extract not working since v2.3.0
• #293 Strange \n\n inside the certificate file used for custom domain.
• Translation Fixes

Security

• Critical (CVE-2023-35885): Insecure file manager cookie authentication (Muhammad Aizat, datack.my)
• Insecure File Upload leads to Privilege Escalation and Authentication Bypass (Muhammad Zulfiqar)

New

• Translations: Bulgarian
• New CloudPanel CLI Root Commands:
  • User:
    • user:add
    • user:delete
    • user:list
  • Site:
  • site:install:certificate

Enhancements

• The site user name and password can be entered manually for new WordPress sites.

Bug Fixes

• #278 CLI need normalize domain name field
• #284 CLPCTL - Problem with special characters in password result false error
• Translation Fixes

Security

• Critical (CVE-2023-33747): Privilege Escalation to root from user, big thanks to Muhammad (datack.my, host.sabily.info) for reporting and testing
• OS Command Injection, big thanks to Laurence from crowdsec.net for reporting and testing

New

• MariaDB 10.11 LTS Support
• Hebrew
• Japanese

Bug Fixes

• #245 Dark mode: Separating table borders missing
• #254 Site path / copy and paste issues
• Translation Fixes

New

• Reverse Proxy
• Chinese (Simplified)
• Chinese (Taiwan)

Bug Fixes

• #210 Dark mode: Separating table borders missing
• #220 Hetzner Snapshot cleanup throws an exception when delete protection is enabled on a snapshot
• Translation Fixes

New

• Add PHP 8.2 Support
• Dark Mode
• Node.js 18 LTS Support

Improvements

• File Manager order Directories before Files

Bug Fixes

• #208 Unable to create a WordPress site with a database server that doesn't use the default port 3306
• Translation Fixes

New

• Varnish Cache Support

Improvements

• Generate Password Link for Site User Password Update

Bug Fixes

• #138 WordPress Admin login doesn't work with passwords which contains special characters like
• #150 Cron Job PHP version issue
• #153 Backup Custom Rclone Config Time
• Translation Fixes