CVE-2021-45007

Name of the Vulnerable Software and Affected Versions Plesk version 18.0.37

Description The issue allows an attacker to insert data on the user and admin panel due to a Cross Site Request Forgery (CSRF) vulnerability. It is noted by the vendor that this is only a site-specific problem on websites of one or more Plesk users.

Recommendations For Plesk version 18.0.37, consider temporarily restricting access to the admin panel and user panel to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.