CVE-2023-7164 Scanner is a security scanning tool designed to detect an arbitrary file download vulnerability in the WordPress BackWPup plugin. The vulnerability stems from inadequate access restrictions in the plugin's temporary backup folder, allowing unauthenticated attackers to download backup files without proper authorization. The scanner targets specific endpoints such as '/wp-content/uploads/' to identify vulnerable installations. It performs HTTP GET requests to check for the existence of index pages and searches for specific strings in response bodies that indicate successful exploitation. The tool can identify backup filenames and compressed archive files including .tar.gz or .zip formats that may contain sensitive site data. The vulnerability affects WordPress sites using vulnerable versions of the BackWPup plugin. Exploitation can lead to unauthorized access to sensitive information including database details, configuration files, user data, and passwords stored in backup files. The scanner provides a single URL scan capability with an estimated scan time of 10 seconds. The tool is offered through the s4e.io platform and is classified as a high-severity vulnerability scanner. It is intended for use by asset owners to identify and remediate this specific security flaw in their WordPress installations.