Description

One or more files were found that contain database credentials used to connect to a WordPress database. This information could be sensitive.

This alert may be a false positive, manual confirmation is required.

Remediation

Remove these file(s) from your website or change its permissions to remove access.

References

WordPress configuration file

Related Vulnerabilities

WordPress Pingback Source URI Denial of Service and Information Disclosure Vulnerabilities (0.6.2 - 2.1.3)

Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.25)

ASP.NET Core Development Mode enabled

Envoy Metadata disclosure

WordPress Plugin Recent Backups Arbitrary File Download (0.7)

Severity

Medium

Classification

CWE-538 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure Test Files