Re: Wordpress File Inclusion

[Expanders]

------------- wp-include/functions.php line:2166 ------------------
function load_template($file) {
   global $posts, $post, $wp_did_header, $wp_did_template_redirect, 
$wp_query,
       $wp_rewrite, $wpdb;
   extract($wp_query->query_vars);

   require_once($file);
}
-----------------------------------------------------------------

you cannot control a variable directly into a function. so this is not a 
vulnerability

Cheers

Expanders