Description
The web application uses Symfony framework. Symfony Profiler is enabled and accessible. It leads to disclosure of sensitive information about the web application.
Remediation
Disable the Profiler or restrict access to it
References
Related Vulnerabilities
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.27)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-39200)
WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more Information Disclosure (1.8.11)
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7486)
WordPress Plugin iThemes Security (formerly Better WP Security) Multiple Vulnerabilities (3.6.3)