Description

One or more files were found that contain database credentials used to connect to a WordPress database. This information could be sensitive.

This alert may be a false positive, manual confirmation is required.

Remediation

Remove these file(s) from your website or change its permissions to remove access.

References

WordPress configuration file

Related Vulnerabilities

Minify arbitrary file disclosure

WordPress Plugin Membership Simplified Arbitrary File Download (1.58)

WordPress Plugin All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Information Disclosure (2.2.5.1)

WordPress Plugin Salon Booking System Multiple Information Disclosure Vulnerabilities (7.6.2)

WordPress Plugin Find My Blocks Information Disclosure (3.3.2)

Severity

Medium

Classification

CWE-538 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure Test Files