Vulnerabilities

CVE-2014-8877

by Fred · 05/12/2014

The alterSearchQuery function in lib/controllers/CmdownloadController.php in the CreativeMinds CM Downloads Manager plugin before 2.0.4 for WordPress allows remote attackers to execute arbitrary PHP code via the CMDsearch parameter to cmdownloads/, which is processed by the PHP create_function function.

Date published : 2014-12-05

http://www.securityfocus.com/bid/71204

http://www.securityfocus.com/archive/1/534037/100/0/threaded

Similar

Tags: Cybersecurity Alert