ITAS Team discovered a Code Injection vulnerability in CM Download Manager plugin (https://wordpress.org/plugins/cm-download-manager/). This code injection vulnerability was found and confirmed by vendor. A successful attack could allow an anonymous attacker to run OS command, execute PHP code and gain full control of the application. This vulnerability exists in free ... Read More