WordPress Top Store theme <= 1.5.4 - Authenticated (Subscriber+) Arbitrary Plugin Installation/Activation vulnerability

Authenticated Subscriber+ Arbitrary Plugin Installation/Activation vulnerability discovered by WordFence in WordPress Theme Top Store versions = 1.5.4...