Elegance Wordpress Theme Local File Disclosure Published

Here is the published exploit for the Elegance theme in Wordpress. This Local File Disclosure proof of concept will read the passwd file of a Linux system.

[+] Post Local File Disclosure in wordpress theme Elegance 
[+] Date: 07/06/2014
[+] CWE Number: CWE-98
[+] Risk: High
[+] Author: Felipe Andrian Peixoto
[+] Dork:inurl:"/wp-content/themes/elegance/"
[+] Vendor Homepage: http://www.elegantthemes.com/
[+] Contact: felipe_andrian@hotmail.com
[+] Tested on: Windows 7 and Linux
[+] Vulnerable File: dl-skin.php
[+] Exploit : 


Related posts

Google Fixed Two Critical Vulnerabilities With Android March 2023 Update

Vulnerabilities In TPM 2.0 Could Expose Cryptographic Keys

Snapchat Vulnerability Could Allow Deleting Users’ Content Spotlight