The plugin called News & Blog Designer Pack for WordPress has a security issue in versions 4.0 and below. This means that people who are not logged in can access and run any type of file on the server, including PHP files. This could potentially be used to get around security measures, access private information, or run code if someone uploads an “innocent” file type like images.