Knowledge Base

CVE-2023-4931: Vulnerability in Plesk Installer

Situation

DLL Hijacking vulnerability was discovered in Plesk Installer (for Windows).

Impact

An attacker can create a malicious DLL file and somehow upload it to the target server. If Plesk Installer is launched from the directory where the malicious DLL is located, malicious commands will be executed.

Call to action

The vulnerability was fixed in Plesk Installer 3.0.55. No additional actions are required.

Exploring Plesk’s Added Value Solutions So Far in 2023

Unveiling Sitejet Builder: The Perfect Match for Your Effortless Website Creation Needs

Dynamic List vs. Active List: A Comprehensive Comparison – Unveiling the Ultimate Winner!

Knowledge Base

How to disable web statistics in Plesk?

How to change the default index for all websites on Plesk?

Plesk update/upgrade fails: The installation of the package ‘iiscompression’ failed with code 1603

Unable to Edit SPF TXT Record: Variable “$input” got invalid value

Hosting Wiki

Knowledge Base

CVE-2023-4931: Vulnerability in Plesk Installer

Situation

Impact

Call to action

Exploring Plesk’s Added Value Solutions So Far in 2023

Unveiling Sitejet Builder: The Perfect Match for Your Effortless Website Creation Needs

Dynamic List vs. Active List: A Comprehensive Comparison – Unveiling the Ultimate Winner!

How to disable web statistics in Plesk?

How to change the default index for all websites on Plesk?

Plesk update/upgrade fails: The installation of the package ‘iiscompression’ failed with code 1603

Unable to Edit SPF TXT Record: Variable “$input” got invalid value

Install CVE-2023-4931: Vulnerability in Plesk Installer extension