RCE intrusions likely with critical WPLMS WordPress theme issue

Exploitation of the vulnerability, which arises from lacking file validation in the file reading and deletion-managing functions, could be conducted through the delivery of specially crafted HTTP POST requests to all all WPLMS versions up to 4.962, which would then allow critical file reading or deletion.

Article Link: RCE intrusions likely with critical WPLMS WordPress theme issue | SC Media