A critical privilege escalation vulnerability in the LiteSpeed User-End cPanel Plugin is actively being exploited and appears on the CISA KEV catalog, allowing authenticated cPanel users to escalate to root on the host server. Any cPanel-based hosting environment running the plugin below version 2.4.5 is at immediate risk of complete system compromise. Patching must be treated as an active incident response action, not a scheduled maintenance task.