CVE-2023-5631 vulnerability was discovered in Roundcube.
Call to action
The fix is expected in Plesk Obsidian 18.0.56 #2. Planned release date is October, 31.
Additionally, 18.0.56 #4 includes even newer Roundcube version 1.6.5.
Update Plesk to the latest version as soon as the fix is released.