• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

vulnerability

  1. P

    Resolved Contradictory Plugin Listings - BackupBuddy 8.7.5

    Hi Community Plesk WordPress Toolkit is showing my sites are using BackupBuddy 8.7.5 under Plugins https://~/modules/wp-toolkit/index.php/index/plugins And has a Vulnerable tooltip warning which reads 'WordPress Backup Buddy plugin 8.5.8.0 - 8.7.4.1 - Unauthenticated Path Traversal / Arbitrary...
  2. V

    Issue WordPress Toolkit vulnerability report unclear

    Dear Plesk team and Pleskians, For one staging website on my Plesk server (Plesk Obsidian) I am getting the following two reports from the WordPress Toolkit extension: website URL filtered WordPress License Manager for WooCommerce plugin <= 2.2.5 - Sensitive Information Disclosure...
    • Visnet
    • Thread
    • vulnerability wordpress plugins wordpress toolkit
    • Replies: 2
    • Forum: WP Toolkit
  3. D

    Question vulnerability CVE-2021-21708 - PHP Code Execution

    Hello Pleskians and Plesk-Team! i saw a new exploit in PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, As u can read here: NVD - CVE-2021-21708 or you do a quick google search on your own: "CVE-2021-21708" So as workaround for now we surely can update our...
  4. I

    Question Plaintext Passwords?

    Does Plesk store passwords in plaintext - anywhere? Perhaps the table accounts in the psa database? Going through, there are two passwords in plain text. I don't recognize the first of the two passwords; however, the second is one I entered.
  5. D

    Issue Plesk Mail Server keeps getting blacklisted

    Hello Pleskians! I hope somebody can point me into the right direction. As mentioned we got a server with plesk obsidian (latest micro update) on CentOS 7 with Postfix as mailserver. We setup SPF, DKIM and DMARC to get our e-mail deliverability up. But unfortunaly we keep getting blacklisted...
  6. custer

    HTTPOXY security vulnerability

    Hi everyone, As some of you might know, there was a new security vulnerability for server-side web applications discovered recently. It's called HTTPOXY -- we suggest you to visit https://httpoxy.org/ to learn more details about it in general. In response to this security vulnerability we've...
  7. E

    Plesk 12.5.30 Pyhton Enable But Security?

    Hi, I Have a Cloudlinux and Plesk 12.5.30. My client wants to support Python. (May be perl support ?) This is not problem for me. To enable Python scripting engine go to Tools & Settings > Apache Web Server > check python. and Hosting Settings.Under Web Scripting and Statistics check the...
Back
Top