Full title: Wordpress Front-end Editor File Upload Exploit 
Category: web applications
Platform: php
The Wordpress Front-end Editor plugin contains an authenticated file upload vulnerability. We can upload arbitrary files to the upload folder, because the plugin also uses it's own file upload mechanism instead of the wordpress api it's possible to upload any file type.

# 0day.today @ http://0day.today/