Description
A installed.json file was discovered. Composer is a tool for dependency management in PHP. It allows you to declare the libraries your project depends on and it will manage (install/update) them for you. After installing the dependencies, Composer stores the list of them in a special file for internal purposes.
As the file is publicly accessible, it leads to disclosure of information about components used by the web application.
Remediation
Restrict access to vendors directory
References
Related Vulnerabilities
WordPress Plugin Clone Information Disclosure (2.4.2)
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Information Disclosure (5.1.2)
WordPress Plugin U Extended Comment 'fileurl' Parameter Arbitrary File Download (1.0.1)
WordPress Plugin ShareYourCart Information Disclosure (1.6.1)