By default Worpdress places readme.hml file to your webroot directory, so it’s possible to get it. The problem is this file contains your WordPress version. So if for some reason you have vulnerable version of WordPress you might want to hide this file. This is how you can implement this:
location = /readme.html { return 404; }
Keep in mind that it will not remove your WordPress version from your feeds and HTML headers.