The simple-ads-manager WordPress plugin was affected by an Arbitrary File Upload & SQL Injection security vulnerability.
packetstormsecurity.com/files/131280/
packetstormsecurity.com/files/131281/
packetstormsecurity.com/files/131282/
seclists.org/bugtraq/2015/Apr/10
vulners.com/exploitdb/EDB-ID:36613
vulners.com/exploitdb/EDB-ID:36614
vulners.com/exploitdb/EDB-ID:36615