On October 19, 2021, we have enabled single-sign-on for our Plesk Support Center to provide a seamless login/account experience. This implies that you’ll be able to use a single account across any of our web-facing properties.
If you had already registered your account at Plesk 360 (formerly known as My Plesk) please use one for login. Otherwise please re-register it using the same email address as your existing Zendesk login (support account). It’s essential that you use the same email address on our support center to ensure that your tickets stay attached to the same account.

Articles in this section

See more

Unauthenticated Remote Root Code Execution on Plesk Panel

Avatar
Robert Asilbekov
Updated
Follow
Plesk Onyx Plesk Obsidian

Situation

A long time ago we fixed a critical vulnerability in Plesk (internal ID: PFSI-62427). Now the full details of this vulnerability are going to be disclosed publicly.

Impact

All supported versions of Plesk are fixed. If you are using one of them, then there is no impact for you.

In case your instance is vulnerable, an unauthenticated attacker (for outdated Plesk 18.x) or a malicious subscription owner (for outdated Plesk 17.x and older) can fully compromise the server.

Call to Action

Keep your Plesk instances up-to-date.

Comments

0 comments

Please sign in to leave a comment.

Have more questions? Submit a request

Related articles