CVE-2024-1076
SSL Zen <= 4.5.3 - Unauthenticated Private Keys Access
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
The SSL Zen WordPress plugin before 4.6.0 only relies on the use of .htaccess to prevent visitors from accessing the site's generated private keys, which allows an attacker to read them if the site runs on a server who doesn't support .htaccess files, like NGINX.
El complemento SSL Zen WordPress anterior a 4.6.0 solo se basa en el uso de .htaccess para evitar que los visitantes accedan a las claves privadas generadas por el sitio, lo que permite a un atacante leerlas si el sitio se ejecuta en un servidor que no admite archivos .htaccess, como NGINX.
The SSL Zen WordPress plugin before 4.6.0 does not properly prevent directory listing of the private keys folder, as it only relies on the use of .htaccess to prevent visitors from accessing the site's generated private keys, which allows an attacker to read them if the site runs on a server who doesn't support .htaccess files, like NGINX.
The SSL Zen – Free Let's Encrypt SSL Certificate & HTTPS/SSL Redirect WordPress Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5.0 via the unsafe storage of keys. This makes it possible for unauthenticated attackers to extract sensitive data that includes private keys.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-01-30 CVE Reserved
- 2024-04-17 CVE Published
- 2024-05-08 EPSS Updated
- 2024-08-30 CVE Updated
- 2024-08-30 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-287: Improper Authentication
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://wpscan.com/vulnerability/9c3e9c72-3d6c-4e2c-bb8a-f4efce1371d5 | 2024-08-30 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|