Description
The file _vti_pvt/authors.pwd can be read. This file contains sensitive information and should not be available.
Remediation
Restrict access to this file be settings proper permissions to _vti_pvt directory or directly to authors.pwd.
References
Related Vulnerabilities
WordPress Plugin Video Conferencing with Zoom Information Disclosure (3.8.16)
OSGi Management Console Default Credentials
WordPress Plugin Salon Booking System Multiple Information Disclosure Vulnerabilities (7.6.2)
WordPress Plugin WP-Mon Arbitrary File Disclosure (0.5.1)
WordPress Plugin Share Drafts Publicly Information Disclosure (1.1.4)