Description
During the scan, Cytrix managed to find some possible sensitive exposed files. That allows an attacker to view and even and download these files.
An attacker could access these sensitive files and use the information they contain in order to perform reconnaissance actions against the website’s infrastructure and sensitive data that the website might hold.
By revealing this info (Information Disclosure) you will make an attacker’s job easy to see what versions of plugins and components are installed. That will assist him in finding attack vectors more easily.
Recommendation
To prevent this vulnerability, make sure to restrict access to these files. Doing so will assure that users without permission can’t access them, or, you can remove them completely from the website.