The SSL Zen plugin for WordPress, which allows for free Let’s Encrypt SSL certificates and HTTPS/SSL redirection, has a security vulnerability. This means that in versions up to 4.5.0, sensitive information such as private keys can be accessed by unauthorized individuals due to the unsafe storage of keys.