CVE-2014-8877
CM Downloads Manager for WordPress (CreativeMinds) contains a remote PHP code execution vulnerability (CVE-2014-8877) in the alterSearchQuery function of lib/controllers/CmdownloadController.php. The issue allows an attacker to inject PHP code via the CMDsearch parameter sent to cmdownloads/, whe...