File Upload vulnerability in PluckCMS v.4.7.10 allows a remote malicious user to execute arbitrary code via the trashcan_restoreitem.php file.
pluck-cms pluck 4.7.10