Security Advisory

Plesk Product Security Update Advisory (CVE-2025-66430)

  • Dec 23 2025
Plesk Product Security Update Advisory (CVE-2025-66430)

Overview

 

We have released a security update that fixes vulnerabilities in Plesk products. Users of affected products are advised to update to the latest version.
 

 

Affected Products

 

CVE-2025-66430

 

Plesk for Linux version: 18.0.73
Plesk for Linux version: 18.0.74
Plesk for Linux versions: 18.0.70 and above 18.0.72 and below

 

 

Resolved Vulnerabilities

 

Root privilege gain vulnerability in password-protected directories in Plesk (CVE-2025-66430)

 

 

Vulnerability Patches

Vulnerability Patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

 

CVE-2025-66430

 

Plesk for Linux version: 18.0.73.5
Plesk for Linux version: 18.0.74.2
Plesk for Linux version: 18.0.74.2 Update as per Referenced Sites [1]

 

 

Referenced Sites

 

[1] [CVE-2025-66430] Security vulnerability in Password Protected Directories allows Plesk users to gain root-level access to a Plesk server
https://support.plesk.com/hc/en-us/articles/36261922405015–CVE-2025-66430-Security-vulnerability-i…

Tags:
Previous Post

Next Post