get_vulnerabilities(); $host = parse_url( get_site_url(), PHP_URL_HOST ); $text = file_get_contents( $this->dir . '/assets/db_exports.txt' ); $exports = str_replace( '{domain_name}', $host, $text ); $names = explode( PHP_EOL, $exports ); foreach ( $names as $name ) { $path = ABSPATH . $name; $url = esc_url( get_site_url() . '/' . $name ); if ( file_exists( $path ) ) { $response = wp_remote_head( $url, array( 'timeout' => 5 ) ); $code = wp_remote_retrieve_response_code( $response ); if ( 200 === $code ) { $this->add_vulnerability( __( 'A publicly accessible database file was found in', 'wpscan' ) . " $url.", 'high', sanitize_title( $name ), 'https://blog.wpscan.com/wordpress-database-backup-files/' ); } } } } }