WordPress WP-DownloadManager Plugin 1.68.1 arbitrary file upload vulnerability

Vulnerability file: download-add.php Vulnerability code: if ! empty $POST'do' checkadminreferer'wp-downloadmanageradd-file'; // Decide What To Do switch $POST'do' // Add File case 'Add File', 'wp-downloadmanager': $filetype = ! empty $POST'filetype' ? intval $POST'filetype' : 0; switch$filetype...