Creative Minds » Cm Download Manager : Security Vulnerabilities, CVEs,
The alterSearchQuery function in lib/controllers/CmdownloadController.php in the CreativeMinds CM Downloads Manager plugin before 2.0.4 for WordPress allows remote attackers to execute arbitrary PHP code via the CMDsearch parameter to cmdownloads/, which is processed by the PHP create_function function.
Max CVSS
10.0
EPSS Score
46.09%
Published
2014-12-05
Updated
2018-10-09
1 vulnerabilities found