cleantalk
Vulnerabilities and Security Researches

WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect to Force HTTPS, SSL Score, CVE-2024-13362

CVE, Research URL

CVE-2024-13362

Home page URL

Security reports for WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect to Force HTTPS, SSL Score

Application

WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect to Force HTTPS, SSL Score

Published on
May 01, 2026
Research Description
Multiple plugins and/or themes for WordPress are vulnerable to Reflected Cross-Site Scripting via the url parameter in various versions due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Affected versions
max 8.0.8.
Status
vulnerable
Previous vulnerability researches
Advanced Flamingo (CVE-2023-52226) , Jun 07, 2024
New vulnerability
YayMail – WooCommerce Email Customizer (CVE-2026-39498) , May 01, 2026
MasterStudy LMS WordPress Plugin – for Online Courses and Education (CVE-2026-40766) , May 01, 2026
WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect to Force HTTPS, SSL Score (CVE-2024-13362) , May 01, 2026
Order Delivery Date for WooCommerce (CVE-2026-42386) , May 01, 2026
Best WordPress Gallery Plugin – FooGallery (CVE-2024-13362) , May 01, 2026