Description

A possible sensitive file has been found. This file is not directly linked from the website. This check looks for common sensitive resources like password files, configuration files, log files, include files, statistics data, database dumps. Each one of these files could help an attacker to learn more about his target.

Remediation

Restrict access to this file or remove it from the website.

References

Web Server Security and Database Server Security

Related Vulnerabilities

WordPress Plugin Image Export Arbitrary File Download (1.1.0)

WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.15)

WordPress Plugin HTML5 MP3 Player with Playlist Free Information Disclosure (2.6)

WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.38)

WordPress Plugin Page and Post Clone Information Disclosure (1.1)

Severity

Low

Classification

CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure Test Files