Skip to main content
CVE-2014-8877 CRITICAL POC THREAT Emergency

The alterSearchQuery function in lib/controllers/CmdownloadController.php in the CreativeMinds CM Downloads Manager plugin before 2.0.4 for WordPress allows remote attackers to execute arbitrary PHP. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 30.1%.

RCE WordPress PHP Code Injection Cm Download Manager
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
30.1%
Threat
4.4

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy