H3-2025-0020

Wordpress Accessible WPConfig

Description

If WPConfig is readable by unauthorized users, attackers can obtain sensitive credentials and configuration details.

Impact

Attackers can compromise and full control over the WordPress site.

References

• WordPress Hardening Guidelines
• MITRE ATT&CK Technique: T1552: Unsecured Credentials