CVE-2025-66430 is a high-severity privilege escalation in Plesk’s Password Protected Directories feature that allows any authenticated low-privilege Plesk user to achieve root-level OS access on the managed server. In multi-tenant hosting environments, this means a single tenant account compromise cascades to full host compromise. A patch is available per the Plesk advisory and should be applied immediately.