This Metasploit module exploits an arbitrary file upload in the WordPress WPshop eCommerce plugin versions 1.3.3.3 to 1.3.9.5. It allows you to upload arbitrary PHP code and get remote code execution. This Metasploit module has been tested successfully on WordPress WPshop eCommerce 1.3.9.5 with WordPress 4.1.3 on Ubuntu 14.04 Server.