Plex has patched and mitigated three vulnerabilities affecting Plex Media Server for Windows that could enable attackers to take full control of the underlying system when chained together. Plex is a desktop app and the backend server for the Plex media streaming service, designed for streaming movies, TV shows, music, and photo collections to over the Internet and on local area networks. The three vulnerabilities tracked by Tenable security researcher Chris Lyne and reported to Plex on May 31st. The Plex Security Team rolled out patches for CVE-2020-5740 on April 24, CVE-2019-5741 on May 7, and CVE-1942 via server-side changes.
Source: https://www.bleepingcomputer.com/news/security/plex-fixes-media-server-bugs-allowing-full-system-takeover/