WordPress has a core feature and plugins allowing content managers to publish posts on their blogs by sending their articles to a configured email address. The scanner detected that the target WordPress instance has either the core feature or a specific plugin configured.
Solution
Ensure that this feature is expected on the target WordPress instance, and that the publishing rules do not allow any unauthorized actor to send arbitrary content.