Here is the published exploit for the Elegance theme in WordPress. This Local File Disclosure proof of concept will read the passwd file of a Linux system.
[+] Post Local File Disclosure in wordpress theme Elegance [+] Date: 07/06/2014 [+] CWE Number: CWE-98 [+] Risk: High [+] Author: Felipe Andrian Peixoto [+] Dork:inurl:"/wp-content/themes/elegance/" [+] Vendor Homepage: http://www.elegantthemes.com/ [+] Contact: [email protected] [+] Tested on: Windows 7 and Linux [+] Vulnerable File: dl-skin.php [+] Exploit :eof
Latest posts by William Fieldhouse (see all)
- A John McAfee-Backed ICO Exposed Thousands of Peoples Documents Due to Security Blunder - April 26, 2018
- Latest Hacking News Podcast #13 - April 17, 2018
- Latest Hacking News Podcast #12 - April 16, 2018