Unrestricted file upload vulnerability in the N-Media file uploader plugin before 3.4 for WordPress allows remote authenticated users to execute arbitrary PHP code by leveraging Author privileges to store a file.Referenceshttp://jvn.jp/en/jp/JVN87863382/index.htmlhttp://jvndb.jvn.jp/jvndb/JVNDB-2014-000112
