Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
WordPress database credentials disclosure - Vulnerability Database

WordPress database credentials disclosure

Description

One or more files were found that contain database credentials used to connect to a WordPress database. This information could be sensitive.

This alert may be a false positive, manual confirmation is required.

Remediation

Remove these file(s) from your website or change its permissions to remove access.

References

WordPress configuration file

Related Vulnerabilities

Dotenv .env file High
Common tags: Information Disclosure Test Files
WordPress readme.html file Information
Common tags: Information Disclosure Test Files
Microsoft Access Database File Detected Medium
Common tags: Information Disclosure Test Files
Configuration file disclosure High
Common tags: Information Disclosure Test Files
web.xml configuration file disclosure High
Common tags: Information Disclosure Test Files

Severity

Medium

Classification

CWE-538
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure
Test Files