Arbitrary file upload vulnerability in WordPress User Submitted Posts plugin.