Many may have recieved this notice, but a good decription is posted here

Looks like there is a hole in their API, and since we need to use this for WHMCS, I thought it may be a good idea to post this for you all.

You may also want to check your "Action Logs" in Plesk to see if you were attacked.