Because of this vulnerability in this Fusion theme, the authenticated users can execute arbitrary code by uploading a file with an executable extension in a fusion_save action and then accessing it via unspecified vectors.
Update the theme.