CVE-2024-1076
May 8, 2024, 1:15 p.m.
Tags
Product(s) Impacted
SSL Zen WordPress plugin
- before 4.6.0
Description
The SSL Zen WordPress plugin before 4.6.0 only relies on the use of .htaccess to prevent visitors from accessing the site's generated private keys, which allows an attacker to read them if the site runs on a server who doesn't support .htaccess files, like NGINX.
Weaknesses
Date
Published: May 8, 2024, 6:15 a.m.
Last Modified: May 8, 2024, 1:15 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
contact@wpscan.com
References
contact@wpscan.com