Description
The PHP Coding Standards Fixer (PHP CS Fixer) is a tool designed to automatically fix PHP coding standards issues. This tool has a caching mechanism that is enabled by default. The caching mechanism creates a file named (by default) .php_cs.cache.
It was confirmed that this cache file is publicly accessible in this directory. This cache file contains potentially sensitive information and it's recommended to restrict access to this file.
Remediation
You should restrict access to the .php_cs.cache file by adjusting your web server configuration.
References
Related Vulnerabilities
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-3167)
WordPress Plugin WordPress Backup to Dropbox Information Disclosure (4.7.1)
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.39)
WordPress Plugin IgniteUp-Coming Soon and Maintenance Mode Multiple Vulnerabilities (3.4)