CVE-2021-39327

Name of the Vulnerable Software and Affected Versions: BulletProof Security WordPress plugin versions up to, and including, 5.1

Description: The issue concerns sensitive information disclosure due to a file path disclosure in the publicly accessible ~/db backup log.txt file. This grants attackers the full path of the site, in addition to the path of database backup files.

Recommendations: For versions up to, and including, 5.1, update to a version higher than 5.1 to resolve the issue. As a temporary workaround, consider restricting access to the ~/db backup log.txt file to minimize the risk of exploitation.