Browse all 4 CVE security advisories affecting Plesk. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Plesk serves as a web hosting control panel enabling server management and website deployment. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation or authentication flaws. The platform has faced security incidents, including a 2019 vulnerability (CVE-2019-6799) allowing unauthorized access to sensitive data. With four current CVEs, ongoing security concerns persist, particularly around default configurations and third-party component integration. Regular updates and hardening remain critical for secure deployment.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-4931 | Uncontrolled search path element vulnerability in Plesk — Plesk InstallerCWE-427 | 6.3 | Medium | 2023-11-27 |
This page lists every published CVE security advisory associated with Plesk. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.