WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress Log WP_Mail plugin version 0.1 and prior versions are vulnerable to information disclosure. The vulnerability stems from the use of predictable filenames to save sent emails in publicly accessible directories, which can be exploited by an attacker to allow any unauthenticated visitor to access potentially sensitive information such as generated passwords.