• Inviting everyone who uses WordPress management tools in Plesk
    The Plesk team is conducting a 60-minute research session that includes an interview and a moderated usability test.
    To participate, please use this link .
    Your experience will help shape product decisions and ensure the tools better support real-world use cases.

Plesk Injection Vulnerability

M

MichaeC

Guest
We installed the necessary patches on 9.5.4 last night, and this morning STILL saw some logins to accounts.

Need to know the following:

1. How did they get the usernames to begin with?
2. Do they have the passwords now?
3. How are they still doing this?

The log is not showing much that they did when logging in or even if they got in at all using the API (the one in logs under admin)

Need more information about this..
 
MichaeC said:
We installed the necessary patches on 9.5.4 last night, and this morning STILL saw some logins to accounts.

Need to know the following:

1. How did they get the usernames to begin with?
2. Do they have the passwords now?
3. How are they still doing this?

The log is not showing much that they did when logging in or even if they got in at all using the API (the one in logs under admin)

Need more information about this..
Click to expand...

See here: http://forum.parallels.com/showthread.php?p=616004#post616004
 
You must log in or register to reply here.

Similar threads

Hangover2
Critical security issue fixed on 24–25 February 2026 (Plesk Obsidian 18.0.75 Update 1 / 18.0.76 Update 2) — request for vulnerability details
Replies
4
Views
1K
Hangover2
Hangover2
WhiteTiger
Question Deny login with root
Replies
1
Views
908
Kaspar
K
T
Question Can't Assign Multiple Subscriptions to Customer?
Replies
2
Views
890
Kaspar
K
T
Question I am sooo lost. Trying to login to my Plesk
Replies
7
Views
3K
Kaspar
K
A
Issue Cannot access Plesk server or websites after a period of time
Replies
1
Views
2K
Sebahat.hadzhi
Sebahat.hadzhi
Back
Top