This is just a simple script that exploits a vulnerability in the wordpress plugin Advanced Access Manager before Version 5.9.9
it downloads all the files present on the web-server(the wordpress file system) on your computer, enters a list of files to download, such as the wordpress.txt file, which contains the list of standard wordpress files.
Advanced Access Manager before Version 5.9.9 allows reading arbitrary files without checking whether a user is allowed to read the given file. This way one can download the wp-config.php file and get access to the database, which is publicly reachable on many servers. https://wpvulndb.com/vulnerabilities/9873
You can use different lists of file to download for exampple the plugins files or to do some fuzzing on the webserver.
I recommend that you launch it in an empty folder, because while it is running it also downloads the non-existent files and only after it has finished delete the 0-bit files.
Need:
Python
pip install wget
pip install art
Obviously it is for educational purposes only. and it's an extremely simple script, there are thousands of ways to do it better.