>>81
Depending on the vulnerability and whether PHP-FPM runs in safe mode (we don't have the php.ini), you could run it directly or do it yourself. The bottom line is, it's quite possible there's at least a partial copy of the database.

Of course, the majority of the database is public, but it contains quite sensible information too. For example, the IP obfuscation is only in the frontend, they're stored in cleartext in the modlogs and posts_* tables.