PCI v3.2-6.5.8
CAPEC-87
CWE-425
HIPAA-164.306(a), 164.308(a)
ISO27001-A.18.1.3
WASC-34
OWASP 2013-A7
OWASP 2017-A5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

WordPress Configuration File Detected

Severity:
Information
Summary

Invicti detected a possible WordPress configuration file.

Impact

WordPress configuration files may often contain sensitive information such as database credentials.

Remediation

The configuration file should be manually investigated to ensure that no sensitive information has been leaked. It should then be removed or made inaccessible. If the configuration file contained valid credentials, those should be changed immediately and any unauthorized access should be investigated.

Required Skills for Successful Exploitation
Actions To Take
Classifications
PCI v3.2-6.5.8
CAPEC-87
CWE-425
HIPAA-164.306(a), 164.308(a)
ISO27001-A.18.1.3
WASC-34
OWASP 2013-A7
OWASP 2017-A5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Index

You can search and find all vulnerabilities

Select Category
Critical
High
Medium
Low
Best Practice
Information
Select Vulnerability
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Related Vulnerabilities

Featured resources

No items found.
No items found.
View all resources

Build your resistance to threats. And save hundreds of hours each month.

Get a Demo