CVE-2024-1076
CVE-2024-1076 affects the SSL Zen WordPress plugin: versions before 4.6.0 fail to prevent directory listing of private keys because access control relies solely on .htaccess, which may be ignored on servers that don’t support .htaccess (e.g., NGINX). This can let an attacker read private keys. Th...