The Filr – Secure document library plugin for WordPress is not secure in all versions up to 1.2.3.5. This means people with an author-level account and higher can upload any type of file to the server of the affected website. This could lead to remote code execution on the server.