WordPress Smallbiz Themes Remote File Uploads Vulnerability

#- Title: Wordpress Smallbiz Themes
Remote File Uploads Vulnerability

#- Author: FullSecurity.org

#- Date: 09-02-2016

#- Developer : expand2web.com

#- Link Download : www.expand2web.com/smallbiz-
theme/

Google Dork: inurl:"/themes/
smallbiz/"

Vulnerability : site/wp-content/themes/smallbiz/palette/index.php

When Vulnerable :

Method :

1. Go to site.com/wp-content/themes/
smallbiz/palette/index.php

2. Upload your image

3. if succes, click image & open in new
tab..thats all..