Description
webadmin.php is a simple Web-based file manager. This file manager should not be installed on production systems because it doesn't employ any user authentication in the default configuration. Therefore an attacker can read and create random files in your system.
Remediation
Restrict access to this file or remove it from the system.
References
Related Vulnerabilities
WordPress XML-RPC authentication brute force
WordPress Plugin Swim Team Arbitrary File Download (1.44.1077)
WordPress Plugin Filedownload 'download.php' Local File Disclosure (0.1)
WordPress Plugin JM Twitter Cards Information Disclosure (6.1)
WordPress Plugin CP Image Store with Slideshow Arbitrary File Download (1.0.5)