Creative Minds: >> Cm Download Manager >> 2.0.0 Security Vulnerabilities
The alterSearchQuery function in lib/controllers/CmdownloadController.php in the CreativeMinds CM Downloads Manager plugin before 2.0.4 for WordPress allows remote attackers to execute arbitrary PHP code via the CMDsearch parameter to cmdownloads/, which is processed by the PHP create_function function.
CVSS Score
10.0
EPSS Score
0.301
Published
2014-12-05