Uploaded files present a huge risk in the server. The uploaded files can be malicious and can cause damage to the server with sensitive data breach. It could also give complete access to the attacker. When an attacker wants to attack a web application. He will try different methods to upload his malicious file. After a successful upload, he will finds different ways to execute the file. A server that allows multiple themes for WordPress will fail to sanitize user supplied input. This will result in vulnerability that lets attackers upload and download any files. This might give unauthorized access or privilege escalation.
The impact of this vulnerability include:-