CVE-2024-1076 – SSL Zen <= 4.5.3 - Unauthenticated Private Keys Access
https://notcve.org/view.php?id=CVE-2024-1076
The SSL Zen WordPress plugin before 4.6.0 only relies on the use of .htaccess to prevent visitors from accessing the site's generated private keys, which allows an attacker to read them if the site runs on a server who doesn't support .htaccess files, like NGINX. El complemento SSL Zen WordPress anterior a 4.6.0 solo se basa en el uso de .htaccess para evitar que los visitantes accedan a las claves privadas generadas por el sitio, lo que permite a un atacante leerlas si el sitio se ejecuta en un servidor que no admite archivos .htaccess, como NGINX. The SSL Zen WordPress plugin before 4.6.0 does not properly prevent directory listing of the private keys folder, as it only relies on the use of .htaccess to prevent visitors from accessing the site's generated private keys, which allows an attacker to read them if the site runs on a server who doesn't support .htaccess files, like NGINX. The SSL Zen – Free Let's Encrypt SSL Certificate & HTTPS/SSL Redirect WordPress Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5.0 via the unsafe storage of keys. This makes it possible for unauthenticated attackers to extract sensitive data that includes private keys. • https://wpscan.com/vulnerability/9c3e9c72-3d6c-4e2c-bb8a-f4efce1371d5 • CWE-287: Improper Authentication •