PT-2021-16021 · WordPress · Workreap
Name of the Vulnerable Software and Affected Versions: Workreap WordPress theme versions prior to 2.2.2 Description: The issue allows unauthenticated visitors to upload arbitrary files, including executable code like php scripts, to the uploads/workreap-temp directory due to the lack of nonce...