WP Encryption One Click SSL Certificate Plugin: Missing Authorization Vulnerability Allowing SSL Setup Tampering
Vulnerability
A vulnerability exists in the WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect, Security & SSL Scan plugin for WordPress in all versions up to and including 7.8.5.10. The 'wple_basic_get_requests' function, which processes the plugin's SSL setup actions, lacks a capability check, so any authenticated user with subscriber-level access or higher can modify the plugin's SSL configuration without authorization. This includes resetting the SSL setup state, marking the SSL setup as complete when it is not, and altering the plan selection options.
Impact
Exploitation allows an attacker holding nothing more than a subscriber account to change SSL settings that should be reserved for administrators: resetting the SSL setup state and forcing the plugin to report SSL as complete. An administrator who trusts the plugin's status display may then leave the site misconfigured or overlook a genuine SSL problem.
Reproduction
An authenticated user with subscriber-level access or higher triggers the 'wple_basic_get_requests' function directly. Because the function performs no capability check, it does not matter that such a user cannot see the plugin's settings page in the WordPress admin interface: issuing the same request that the settings page would issue is enough to reset the SSL setup state, mark it complete, or change the plan selection. Site owners can confirm exposure by comparing the installed plugin version against 7.8.5.10 and verifying whether the plugin's reported SSL status changes after a low-privileged account sends such a request.
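To make the class of bug described in the Vulnerability and Reproduction sections concrete, the following is an added example written for this page; it is not code from the WP Encryption plugin, and every hook, option and parameter name in it (example_ssl_setup_state, example_ssl_plan, example_reset_ssl, example_ssl_complete, example_plan, example_ssl_action) is an assumption chosen for illustration. The first handler shows the vulnerable pattern: a function run on every admin request that changes plugin state based on GET parameters without asking who the caller is. The second shows the capability and nonce checks a fix adds in front of the same logic.

```php
<?php
// Added illustration for this advisory, not the plugin's own code.
// All hook, option and parameter names below are assumed for the example.

/**
 * VULNERABLE PATTERN: runs on admin_init, which fires for every logged-in
 * user who loads a wp-admin page (a subscriber can load profile.php), and
 * acts on GET parameters with no capability or nonce check. Any logged-in
 * account can therefore reset the setup state or fake completion.
 */
function example_basic_get_requests_vulnerable() {
    if ( isset( $_GET['example_reset_ssl'] ) ) {
        update_option( 'example_ssl_setup_state', 'not_started' );
    }
    if ( isset( $_GET['example_ssl_complete'] ) ) {
        update_option( 'example_ssl_setup_state', 'complete' );
    }
    if ( isset( $_GET['example_plan'] ) ) {
        update_option( 'example_ssl_plan', sanitize_key( wp_unslash( $_GET['example_plan'] ) ) );
    }
}
// add_action( 'admin_init', 'example_basic_get_requests_vulnerable' ); // do not wire this up

/**
 * HARDENED PATTERN: the same handler, but it only acts when the caller
 * holds the capability the action requires (manage_options, i.e. an
 * administrator) AND presents a valid nonce tied to this action. Both
 * checks matter: the capability check stops the subscriber in this
 * advisory, the nonce stops an administrator being tricked into following
 * a crafted link (CSRF). The checks run before any option is touched.
 */
function example_basic_get_requests_hardened() {
    $wants_change = isset( $_GET['example_reset_ssl'] )
        || isset( $_GET['example_ssl_complete'] )
        || isset( $_GET['example_plan'] );
    if ( ! $wants_change ) {
        return; // ordinary admin page load, nothing to do
    }
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die(
            esc_html__( 'You are not allowed to change SSL settings.', 'example' ),
            '',
            array( 'response' => 403 )
        );
    }
    // Dies with a 403 if _wpnonce is missing or not valid for this action.
    check_admin_referer( 'example_ssl_action' );

    if ( isset( $_GET['example_reset_ssl'] ) ) {
        update_option( 'example_ssl_setup_state', 'not_started' );
    }
    if ( isset( $_GET['example_ssl_complete'] ) ) {
        update_option( 'example_ssl_setup_state', 'complete' );
    }
    if ( isset( $_GET['example_plan'] ) ) {
        $allowed = array( 'free', 'pro' ); // accept only known plan names
        $plan    = sanitize_key( wp_unslash( $_GET['example_plan'] ) );
        if ( in_array( $plan, $allowed, true ) ) {
            update_option( 'example_ssl_plan', $plan );
        }
    }
}
add_action( 'admin_init', 'example_basic_get_requests_hardened' );

/**
 * The settings page builds its action links with a matching nonce, so the
 * legitimate administrator flow keeps working after the checks are added.
 */
function example_reset_ssl_link() {
    $url = add_query_arg( 'example_reset_ssl', '1', admin_url( 'options-general.php?page=example-ssl' ) );
    return wp_nonce_url( $url, 'example_ssl_action' );
}
```

With the vulnerable handler active, a subscriber who is logged in and requests /wp-admin/profile.php?example_reset_ssl=1 flips the stored setup state even though that account never sees the plugin's settings page. With the hardened handler, the same request stops at current_user_can() with a 403 before update_option() is reached; an administrator who omits the nonce is stopped by check_admin_referer() in the same way.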
Remediation
Users are advised to update the WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect, Security & SSL Scan plugin to version 7.8.5.11 or a newer patched version.
