The plugin contained a PHP file, allowing unauthenticated users to upload an arbitrary file anywhere on the web server.Note (WPScanTeam): It's unclear which version fixed the issue exactly, however we were able to confirm the issue on version as high as v5.96 and that the related file has been removed at least since v6.05
To run this project, you will need to add the following modules in your python
requests
To run this project u need to do the followings
python3 exploit.py