The basic_settings function in the download manager plugin for WordPress before 2.7.3 allows remote authenticated users to update every WordPress option.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/130690/WordPress-Download-Manager-2.7.2-Privilege-Escalation.html | Exploit Third Party Advisory VDB Entry |
Configurations
History
No history.
Information
Published : 2017-08-07 17:29
Updated : 2024-02-28 16:04
NVD link : CVE-2014-9260
Mitre link : CVE-2014-9260
CVE.ORG link : CVE-2014-9260
JSON object : View
Products Affected
downloadmanager
- download_manager
CWE
CWE-264
Permissions, Privileges, and Access Controls