Summary

A WordPress plugin has a security weakness that lets hackers upload files to a website without permission. This could lead to malware being installed on the site, which could compromise sensitive data or disrupt website operations. Website administrators should update the plugin to the latest version or remove it if it's not essential to the site's functionality.