## https://sploitus.com/exploit?id=WPEX-ID:65A8CF83-D6CC-4D4C-A482-288A83A69879
1) When an admin creates a staging site, an attacker can capture a `.cache` file which reveals sensitive information including: DB_name, DB_tables, DB_columns.
2) These files can be accessed at these URLs during backup:
- http://127.0.0.1/wordpress/wp-content/uploads/wp-staging/clone_options.cache
- http://127.0.0.1/wordpress/wp-content/uploads/wp-staging/files_to_copy.cache