. The WP Encryption plugin for WordPress, which helps secure websites with SSL certificates and redirects to HTTPS, has a vulnerability that exposes private key files. This could allow attackers to access sensitive information, such as TLS certificate private keys, without needing to log in.