Discovered wp-app.log File
A wp-app.log file is present.
- exposure
- logs
wp-app.log (Application Logfile) is a log file that is used by WordPress to log information about the application. However, sensitive information might be included in the files.
Impact
Attackers can trivially retrieve any sensitive information that is present in the file. This may include a logged session token, user’s login credentials or other sensitive information.
Solution
Remove the wp-app.log file. It should not be present in a production environment.
Was this page helpful?