📦 Plesk

CVE-2025-66430 is an incorrect access control vulnerability in Plesk's Password Protected Directories feature that allows authenticated Plesk users to escalate privileges and gain root-level access to...

This is a cross-site scripting (XSS) vulnerability in Plesk control panel versions 17.0 through 18.0.31. A malicious subscription owner can inject scripts that execute with administrator privileges wh...