Situation
A critical vulnerability (with the internal ID PFSI-62465) was identified and fixed in Plesk a long time ago. Complete information about exploiting this vulnerability are going to be disclosed publicly.
Vulnerable Plesk versions: from 17.0 to 18.0.31. These are unsupported versions in Plesk, for which hotfixes are no longer released.
Impact
All supported versions of Plesk are immune. If you use one of them, there is no any impact for you.
Otherwise, in case your Plesk instance is vulnerable (you are running Plesk 17.0 to 18.0.31), a malicious subscription owner (customer or additional user) can fully compromise the server if an admin visits a certain page in Plesk related to the malicious subscription.