# Exploit Title: Wordpress SimpleCart Theme File Upload and Execution # Google Dork: inurl:/wp-content/themes/simplecart # Date: 31 March 2015 # Exploit Author: Divya # Vendor Homepage: https://github.com/UpThemes/ # Software Link: https://github.com/UpThemes/SimpleCart-Theme # Version: 2.1.2 # Tested on: Windows, Linux # CVE : None # # Other Themes: # Micro Theme 1.0.3: https://github.com/UpThemes/Micro-Theme # Holding Pattern Theme 1.3: https://github.com/UpThemes/Holding-Pattern-Theme # Gallery Pro Theme 2.5.3: https://github.com/UpThemes/Gallery-Pro-Theme/ # Evo Theme 1.3: https://github.com/UpThemes/Evo-Theme # Charity Theme 1.1.3: https://github.com/UpThemes/Charity-Theme/ WP Theme Exploit
Target IP: HTTP HTTPS
Upload File:
Upload Path:

Base64 Encoded value (without double quotes) 1. "Li4vLi4vLi4vLi4v" for website root directory upload.
2. "Lg==" for current directory upload.

Vulnerable File: