CVE-2014-10396 (epic)

The epic theme through 2014-09-07 for WordPress allows arbitrary file downloads via the file parameter to includes/download.php.

View Full Alert