CVE Vulnerabilities

CVE-2024-1076

Published: May 08, 2024 | Modified: Aug 30, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

The SSL Zen WordPress plugin before 4.6.0 does not properly prevent directory listing of the private keys folder, as it only relies on the use of .htaccess to prevent visitors from accessing the sites generated private keys, which allows an attacker to read them if the site runs on a server who doesnt support .htaccess files, like NGINX.

References