Wordpress mypixs plugin local file inclusion vulnerability

WordPress is a suite of blogging platforms developed in the PHP language by the WordPress Software Foundation. mypixs is one of the plugins to view and manage Picasa web albums. A local file inclusion vulnerability exists in version v0.3 of the Wordpress mypixs plugin, which can be exploited by...

MyPixs <= 0.3 - Unauthenticated Local File Inclusion (LFI)

Plugin is still affected and has been closed. Typical local file inclusion vulnerability: from downloadpage.php: I've tried to get RCE but didn't have success reading from /proc/self/environ or /var/log/apache2/access.log include: Failed opening '/proc/self/environ' for inclusion...