Here is the published exploit for the Elegance theme in WordPress. This Local File Disclosure proof of concept will read the passwd file of a Linux system.
[+] Post Local File Disclosure in wordpress theme Elegance [+] Date: 07/06/2014 [+] CWE Number: CWE-98 [+] Risk: High [+] Author: Felipe Andrian Peixoto [+] Dork:inurl:"/wp-content/themes/elegance/" [+] Vendor Homepage: http://www.elegantthemes.com/ [+] Contact: [email protected] [+] Tested on: Windows 7 and Linux [+] Vulnerable File: dl-skin.php [+] Exploit :eof
Latest posts by TWR (see all)
- Connecting to Airport WiFi is Safe, Right?…..Wrong - December 5, 2017
- Your HP Wireless mouse can be Spoofed; Be careful - May 18, 2017
- E.U. Fines Facebook $122 Million for misleading information about WhatsApp acquisition - May 18, 2017