Posted by Walter Hop on Sep 19

Unrestricted Upload/RCE in Neosense theme for WordPress
https://lifeforms.nl/20160919/unrestricted-upload-neosense <https://lifeforms.nl/20160919/unrestricted-upload-neosense>

Vulnerability:

Neosense is a WordPress theme by dynamicpress.
(https://themeforest.net/item/neosense-multipurpose-wordpress-theme/6363229
<https://themeforest.net/item/neosense-multipurpose-wordpress-theme/6363229>)

Neosense theme version 1.7 contains an…