WordPress – Possible sensitive files


During the scan, some possible sensitive files were detected, and, are probably exposed to others as well.
That allows an attacker to view and even and download these files.

An attacker could access these sensitive files and use the information they contain to perform reconnaissance actions against the website’s infrastructure by using the sensitive data the website might hold.

wp-content is used to store assets of a website like – image files, plugins, etc.
By revealing this info (also called Information Disclosure) you will make an attacker’s job easy to see which versions of plugins and themes are installed and hence can initiate attacks more easily.


To prevent this vulnerability, make sure to restrict access to these files. We do that so that users without permission can’t access them, or, you can remove them completely from the website.



< Return to all Vulnerabilities

Passwords 101

Unlike basketballs, “passwords” are things we don’t want to be passed around, especially in a society built around the idea that “mystery” is appealing. We

Read More »

Man-In-The-Middle Attacks

Do you know these people who just push themselves into conversations?That’s Man-In-The-Middle Attacks. And from a wider angle, Man-In-The-Middle Attacks, or MITM, are built around

Read More »