This Metasploit module exploits a vulnerability found in WP Curvo Theme. By abusing the upload-handler.php file, a malicious user can upload a file to a temp directory without authentication, which results in arbitrary code execution.
d2ee43b614a91e7fe733a6895cce75fdf5c2fd765821db8e7fc6e30e8a2031f4