Exploit Title: WordPress "photocrati-theme" Remote File Upload "RFU"
By : AShiyane Digital Security Team
Dork :
"inurl:wp-content/themes/photocrati-theme/admin"Tested : Windows 7 / bt5
Exploit :
go to gallery in admin Directory
and Then in gallery directory open file : upload_edit.php
then click "Add images"
add your file and upload ...
your files will go to ------ > localhost/wp-content/themes/photocrati-theme/galleries/post-/full/
Demo Site:
[You must be registered and logged in to see this link.]