Description

WordPress root directory contains a file named readme.html. The readme.html file may reveal sensitive information and is not needed from a functional perspective.

Remediation

Delete the /readme.html file from the WordPress root directory.

References

OWASP Wordpress Security Implementation Guideline

Related Vulnerabilities

WordPress Plugin Store Locator Plus for WordPress Multiple Vulnerabilities (3.0.1)

TLS/SSL Weak Cipher Suites

PHP open_basedir is not set

Spring Boot Misconfiguration: Overly long session timeout

Chrome Logger information disclosure

Severity

Info

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

Tags

Configuration