This module uses an unauthenticated remote PHP file upload vulnerability via File Manager (wp-file-manager) plugin in WordPress to upload and execute a PHP agent file to gain arbitrary code execution on the affected system.
CVE Link
Exploit Type
Product Name