Findings Reference
Learn what each scan finding means and how to fix it.
Overview
Understanding Scan Findings
What Scan Findings Are: Scan findings are the results generated when Steel Security analyzes your WordPress site. Each finding highlights a potential risk, exposure, or configuration issue that may affect your site's security. Why Findings Matter: Findings help...
How Findings Are Categorized
Why Findings Are Categorized: Steel Security groups findings into categories to make them easier to understand and act on. Each category represents a different type of security concern. This structure helps you quickly identify where issues exist within your si...
Severity Levels Explained
What Severity Means: Severity indicates how important a finding is based on its potential impact and likelihood of exploitation. It helps you prioritize which issues to address first. Severity Levels: Steel Security assigns each finding a severity level: High ...
File Exposure Findings
Configuration Files Exposed
What This Means: This finding indicates that one or more configuration files are publicly accessible. These files may contain sensitive information about your site. Why It Matters: Configuration files often include critical details such as: database credential...
Backup Files Exposed
What This Means: This finding indicates that backup files are publicly accessible on your site. These files may contain full or partial copies of your website or database. Why It Matters: Backup files often include: complete site data, database exports, configur...
Directory Listing Enabled
What This Means: This finding indicates that directory listing is enabled on your server. This allows visitors to view the contents of directories when no index file is present. Why It Matters: When directory listing is enabled, anyone can browse files within a...
Execution Risks
PHP Execution in Uploads
What This Means: This finding indicates that PHP files can be executed within upload or storage directories. These directories are typically intended for file storage, not code execution. Why It Matters: Upload directories (such as /wp-content/uploads/) are com...
Direct PHP Access Allowed
What This Means: This finding indicates that certain PHP files on your site can be accessed directly via a browser. These files may not be intended to be executed outside of normal WordPress workflows. Why It Matters: Many PHP files are designed to be included ...
System & Information Exposure
Debug Mode Enabled
What This Means: This finding indicates that WordPress debug mode is enabled on your site. Debug mode is intended for development and troubleshooting, not for production use. Why It Matters: When debug mode is enabled, your site may display: error messages, war...
Version Information Exposed
What This Means: This finding indicates that your site is exposing version information for WordPress or related components. This information may be visible in page source, headers, or other outputs. Why It Matters: Version information can help attackers identif...
System Information Exposure
What This Means: This finding indicates that your site is exposing system-level information that may reveal details about its configuration or environment. This information is not always obvious but can be gathered through various outputs and responses. Why It...
Endpoint & Access Risks
XML-RPC Enabled
What This Means: This finding indicates that the WordPress XML-RPC interface is enabled and accessible on your site. XML-RPC allows remote access to WordPress functionality. Why It Matters: While XML-RPC has legitimate uses, it is commonly targeted by attackers...