The Real Estate 7 version 2.5.6 suffers from an arbitrary file upload vulnerability. This means that any authenticated user can upload any type of file, even executable ones like PHP. An authenticated user can have any role: editor, subscriber, customer, etc. It does not matter and we will…