Description
Certain versions of the WordPress theme OptimizePress contain a file that can be used by attackers to upload arbitrary files on the web server and execute the code contained in these files. The vulnerable file is wp-content/themes/OptimizePress/lib/admin/media-upload.php.
Remediation
Delete wp-content/themes/OptimizePress/lib/admin/media-upload.php file.
References
Related Vulnerabilities
Python Debugger Unauthorized Access Vulnerability
ColdFusion CFC Deserialization RCE (CVE-2023-26359/CVE-2023-26360)
Squid Improper Input Validation Vulnerability (CVE-2016-2571)
WordPress Plugin Login by Auth0 Multiple Vulnerabilities (3.11.3)
Roundcube Improper Input Validation Vulnerability (CVE-2011-1491)