The fatal flaw was that a letter never became itself in the code. Combined with the Germans quite often using set formats for messages meant that the Allied code breakers could make educated guesses regarding some words. Are the last 2 words "Heil Hitler" or the title of the report from the Uboats at the start of the day the German term for "Weather Report" for instance? Things like that. From that they built a machine called "The Bombe" to crack the messages and discover the rotor settings each day (the rotor settings changed each day).
Was there a reason why the Germans either didn't notice the flaw or didn't think it was a problem? Were they too overconfident due to there being 158 quintillion different code settings?
After the war, german cryptographers were asked that very question. The answer they gave was (simplyfied) "we knew of these weaknesses all along but we never thought someone would go to those lengths to break it." The brits didn't just build one "bomb", they build warehouses full of them! It was a huge operation that continued sometimes for months without being able to decypher anything, untill they made another breakthrough. And the Allies made a huge effort to mask their use of the intelligence they gained from breaking Enigma. E.g. when they wanted to attack a submarine, they would fly a plane to that exact spot to have it "discovered accidentally." Since the brits also found and turned every german spy in Britain, they could feed the german intelligence service - some of who's agents may or may not have knowingly worked against Hitler as well, because they hated him - convincing lies regarding how clueless the Allies supposedly were. Why improve something that all your sources say is impervious?
It should however be pointed out that Enigma was improved throughout the war and that better policies for it's use and better training/discipline of operators would have made it much more difficult to break. It might even have been impossible to break it on a regular basis. (I.e. if we discount the very unlikely cases of "brute force" guessing keys working before the universe ends.) Very often it was errors or sloppyness by the operators in the field that compromised the security of a given day's messages. E.g. the re-use of previous settings on the machine to transmit another message (or even all messages of that day) often made it much easier to guess the key. Operators also had a statistically very important preference for choosing the placement of the plugs on the plugboard, completely negating that meassure of added complexity. You mentioned plaintext attacks. They were much more difficult when they "innital settings" of the machine were chosen randomly for every new message, as the designers intended. But this just didn't happen, which effectively turned lots of short messages that effectively had different character encodings into one long message. This gives any attacker much more information about the key to play with. Often you would also see the exact same message repeated verbatim on networks of different level of security and thus different strength of encryption, thus making the keys of all of those networks ripe targets. The surface fleet's Enigma traffic was pretty impervious in comparison, probably because they had experience with using encryption.
It is also interesting to note that the same codebreakers would later on work on soviet encrypted traffic. The soviet operators made the exact same mistakes as the Germans had done untill at one point years after WW2 the entire Red Army and the entire government suddenly changed their operating procedures - e.g. operator errors were bunished very severely from that point on - and it became practically impossible to break their codes. It is speculated that they had found out about the western Allies' codebreaking during WW2 through human intelligence.