Accompanying blog post here[1]. Last time I posted a vulnerability walkthrough[2] for fun on hn (that one was of an eBay info leakage issue) I got a couple of requests for more demos like it, so here's a fun one of how easy it is to compromise an un-patched vulnerable WordPress Plugin.
[1]: http://blog.bugreplay.com/post/152117721734/demonstrating-wo...
[2]: https://news.ycombinator.com/item?id=12002579
