Sensitive Data: WordPress DB Backup

Identifier: wordpress_db_backup_listing

Scanner(s) Support

GraphQL Scanner, REST Scanner, WebApp Scanner, ASM Scanner

Description

The WordPress DB Backup plugin exposes database backup files together with a directory listing, allowing attackers to discover and download sensitive database backups.

How we test: We request the WordPress DB Backup plugin's backup directories and analyze the responses to determine whether directory listings and database backup files are accessible.
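
One way to analyze a response for this condition, as an added example that is not the scanner's own code. The listing markers, the backup file extensions and the placeholder directory name are assumptions chosen for illustration.

```python
# Added example: classify one HTTP response as an exposed backup listing.
# The listing markers and backup file extensions below are assumptions,
# not the scanner's actual rules.
import re
from html.parser import HTMLParser

LISTING_MARKERS = re.compile(r"<title>\s*Index of /|<h1>\s*Index of /", re.I)
BACKUP_EXT = re.compile(r"\.(sql|sql\.gz|sql\.bz2|sql\.zip)$", re.I)


class _LinkCollector(HTMLParser):
    """Collect href values from anchor tags in a listing page."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            href = dict(attrs).get("href")
            if href:
                self.hrefs.append(href)


def analyze_response(status, body):
    """Return (listing_enabled, backup_files) for one HTTP response."""
    if status != 200 or not LISTING_MARKERS.search(body):
        return False, []
    parser = _LinkCollector()
    parser.feed(body)
    # Drop query strings (column-sort links) before matching the extension.
    names = [h.split("?", 1)[0] for h in parser.hrefs]
    return True, [n for n in names if BACKUP_EXT.search(n)]


# Constructed sample: autoindex-style page for a placeholder directory.
SAMPLE_LISTING = """<html><head><title>Index of /backup-dir-placeholder</title></head>
<body><h1>Index of /backup-dir-placeholder</h1><pre>
<a href="?C=N;O=D">Name</a>
<a href="/">Parent Directory</a>
<a href="example_wp_20240101.sql">example_wp_20240101.sql</a>
<a href="example_wp_20240102.sql.gz">example_wp_20240102.sql.gz</a>
<a href="readme.txt">readme.txt</a>
</pre></body></html>"""

if __name__ == "__main__":
    print(analyze_response(200, SAMPLE_LISTING))
    print(analyze_response(403, "Forbidden"))
```

A response is flagged only when both signals are present: the page looks like a directory index, and it links to at least one file with a database dump extension.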

Configuration

Example

Example configuration:

---
security_tests:
  wordpress_db_backup_listing:
    skip: false

Reference

skip

Type: boolean

Skip the test if true.