Including a rel="canonical" attribute in your webpage is a strong signal to search engines about the most authoritative (canonical) and preferred version of the page to index and show in search results.
The logic behind it is simple: if you have several similar versions of the same content, you pick one “canonical” version and point the search engines at it. This solves the duplicate content problem where search engines don’t know which version of the content to show in their results.
Since Google announced HTTPS as a ranking signal some years ago, many sites moved to HTTPS, some failing to avoid HTTPS post-migration issues, the most common of which is not setting the HTTPS site version as the preferred one (over the HTTP).
This is exactly what our 'Canonical from HTTPS to HTTP' notice in Site Audit report informs you about: it shows you the HTTPS pages on your website with the canonical link pointing to an HTTP page.
If you have an HTTPS site and found that the version referred to next to the canonical has an HTTP distinction rather than HTTPS, your site is sending messages to Google that the HTTP version is the preferred one that should be in the index.
Google prefers HTTPS pages over equivalent HTTP pages as canonical, except when there are issues or conflicting signals such as when the HTTPS page has a
rel="canonical" link to the HTTP page. So you need to make sure the canonical URLs on your website point to HTTPS pages.
You can fix your canonical tags to point to the correct version, by simply updating your WordPress, manually changing every tag, or having a conversation with your web development team.
See detailed recommendations from Google here.