Description The plugin doesn’t restrict access to detailed scan logs, which allows a malicious actor to discover local paths and portions of the site’s code
http://your_site/wordpress/wp-content/plugins/quttera-web-malware-scanner/runtime.log
http://your_site/wordpress/wp-content/plugins/quttera-web-malware-scanner/quttera_wp_report.txt