Description
This alert may be a false positive, manual confirmation is required.
The response contains one or more SSN (social security numbers). It was not possible to validate if these are real social security numbers. You should verify whether the numbers identified are actually valid social security numbers.
Remediation
It's recommended that sensitive data such as credit card numbers or social security numbers should not be exposed on your website.
References
Related Vulnerabilities
WordPress Plugin UpiCRM-Free WordPress CRM and Lead Management Information Disclosure (2.1.8.5)
WordPress Plugin Transposh WordPress Translation Multiple Vulnerabilities (1.0.8.1)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-6514)