I just looked through my 404 Monitor results for today. I saw about 130 entries where they looked for a file. Each entry was a different theme but the same file. I need to know what it does, how it can be exploited (so y'all can patch) and if I can disable (rename ) it if I don't want uploads by anyone.
The URL is http://www.domain.com/wp-content/themes/theme-name/functions/upload-handler.php
I'm assuming it allows uploads to the site and the upload is an exploit of some type.