Georgii Shutiaev

**Name of the Vulnerable Software and Affected Versions** WordPress Toolkit versions prior to 6.11.0 **Description** An argument injection issue exists in the software as used in cPanel & WHM. This allows remote authenticated users to bypass cross-tenant authorization and execute arbitrary wp-toolkit CLI commands under the context of another account. **Recommendations** Update to version 6.11.0 or later.

**Name of the Vulnerable Software and Affected Versions** Plesk versions prior to 18.0.75.1 Plesk versions prior to 18.0.76.2 **Description** An XPath injection issue exists in the APS Application Catalog search functionality. This occurs because user-supplied input is interpolated into XPath queries without proper sanitization. An authenticated, low-privileged user can exploit this to execute arbitrary operating system commands on the server, leading to local privilege escalation. Over 1.8 million devices were identified as potentially affected via FOFA queries in the past year. **Recommendations** Update to version 18.0.75.1. Update to version 18.0.76.2.

**Name of the Vulnerable Software and Affected Versions** Comet Backup versions prior to 26.4.3 Comet Backup versions prior to 26.5.0 **Description** Insufficient character filtering in the backup agent signing module allows an authenticated tenant administrator with branding permissions to execute arbitrary code on the server and connected devices on behalf of a privileged user. This is achieved by uploading malicious `.dll` or `.so` files through the branding configuration and generating a backup-tool client. Successful exploitation can lead to a full takeover of the server instance and unauthorized access to configuration files and backed-up data. **Recommendations** Upgrade to version 26.4.3 or later. Upgrade to version 26.5.0 or later.