
ProtonMail-run site with GDPR advice left user details exposed - samizdis
https://www.theregister.co.uk/2020/04/29/protonmail_gdpr_advice_site_git_snafu/
======
samizdis
> _Within the /.git/ repo were the keys to GDPR.eu's WordPress kingdom: a full
> and unabridged copy of wp-config.php. In a WordPress installation, wp-
> config.php is the critical file containing a plaintext copy of the username
> and password for the SQL database powering the entire site._

