This script is used for taking advantage of a Local File Inclusion in the Wordpress mail masta plugin version 1.0, it's made in bash
The usage is simple you just have to change the IP in the curl command of the script for the DNS address or the IP address you want to take advantage to, and you need to change or delete the WORDPRESSDIRECTORY in the curl command of the script for the WordPress home directory or delete it if the Wordpress is in the main page of the web server.
To detect if a Wordpress site got this vulnerability you can launch a wpscan to the URL of the Wordpress site or search in the source code for that plugin.