H3-2025-0020¶

Wordpress Accessible WPConfig

Description¶

If WPConfig is readable by unauthorized users, attackers can obtain sensitive credentials and configuration details.

Impact¶

Attackers can compromise and full control over the WordPress site.

References¶

• WordPress Hardening Guidelines
• MITRE ATT&CK Technique: T1552: Unsecured Credentials