One or more pages contain HTML comments that look like SQL statements. These SQL statements may disclose sensitive information to an attacker. This alert may be a false positive.
These comments should be investigated and, if necessary, removed from the pages.
WordPress Plugin Customize WordPress Emails and Alerts-Better Notifications for WP Information Disclosure (1.8.6)
WordPress Plugin CP Image Store with Slideshow Arbitrary File Download (1.0.5)
WordPress Plugin Duplicator-WordPress Migration Arbitrary File Download (1.3.26)