Hiphopsmurf

**Name of the Vulnerable Software and Affected Versions** Simple Dropbox Upload plugin versions prior to 1.8.8.1 **Description** The issue allows remote attackers to execute arbitrary code by uploading a file with an executable extension to the wp-content/uploads/wpdb/ directory via the multi.php file in the Simple Dropbox Upload plugin, and then accessing it directly. **Recommendations** For versions prior to 1.8.8.1, update to version 1.8.8.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the wp-content/uploads/wpdb/ directory to minimize the risk of exploitation. Avoid using the multi.php file in the Simple Dropbox Upload plugin until the issue is resolved.