Wordpress Debug Log Exposure

It is possible to retrieve Wordpress debug logs.

  • wordpress
  • debug
  • log
  • exposure

Debug logs are sometimes stored in the Wordpress directory and are accessible via the web. Debug logs contain sensitive information such as your domain name, database connection string, and other information that should be kept private.

Impact

Attackers may be able to access sensitive information, which could be used to compromise the affected system further.

Solution

Ensure that all debug logs are removed or protected by access policies.

Was this page helpful?