Incorrect Authorization Leading to Arbitrary Plugin Installation and Post Deletion vulnerability discovered by Ramuel Gall (WordFence) in WordPress Redux Framework plugin (versions <= 4.2.11).
Update the WordPress Redux Framework plugin to the latest available version (at least 4.2.13).