{"uuid": "45d40069-3c0b-4486-8301-1a179be30514", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-56843", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116881766886443952", "content": "CVE-2026-56843 (CRITICAL, CVSS 9.9): WebPros Plesk &lt;18.0.78.4 has insufficient auth in XML-RPC API, letting low-privileged users access other tenants\u2019 cleartext FTP creds &amp; run code as them. Restrict API access &amp; monitor. https://radar.offseq.com/threat/cve-2026-56843-cwe-522-insufficiently-protected-cr-45d7ae62ed3d3640 #OffSeq #Infosec #Plesk", "creation_timestamp": "2026-07-08T01:30:26.980630Z"}