I was running some security tests on my WordPress apps and noticed that all of them have a full path disclosure on the following URL. I am sure this has been answered before but I can’t find any information on this.

https://mydomains.com/wp-includes/rss-functions.php

The error message when going to the link is: Call to undefined function _deprecated_file() in /home/mydomain/public_html/wp-includes/rss-functions.php on line 8

I don’t have anything in my themes for RSS.

Edit: After further research this seems to be a common problem on most WordPress sites. The solutions that I found online do not actually fix the error. They simply say to hide the error reporting in the php.ini. That doesn’t fix it though and not everyone has access to the php.ini depending on their hosting situation.


PHP files in the wp-includes directory should not be accessible from the outside; they should only be included by WordPress code. Therefore, an easy fix to this is to use .htaccess rules to block access to *.php files that are under the wp-includes directory.
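One way to write the rule the answer above describes, as an added example that is not part of the original answer. It assumes Apache with mod_rewrite enabled, .htaccess overrides allowed by the host, and WordPress installed at the site root; it covers PHP files directly inside wp-includes (where rss-functions.php lives) plus the theme-compat subdirectory.

```apache
# .htaccess in the WordPress document root.
# Assumption: place this block above the "# BEGIN WordPress" section so it
# is evaluated before WordPress's own front-controller rewrite.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /

# Return 403 Forbidden for any PHP file requested directly from the top
# level of wp-includes/, e.g. /wp-includes/rss-functions.php. The file is
# never executed, so no PHP error (and no server path) reaches the client.
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]

# Same treatment for the include-only templates in theme-compat/.
RewriteRule ^wp-includes/theme-compat/ - [F,L]
</IfModule>
```

After deploying, a request to /wp-includes/rss-functions.php should return 403 instead of the PHP fatal error, regardless of the display_errors setting. On legacy Multisite installs that serve uploads through wp-includes/ms-files.php, the first rule would also block that file, so test uploads before relying on it there.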
