Security for everyone

CVE-2014-8877 Scanner

Detects 'Code Injection' vulnerability in CreativeMinds CM Downloads Manager plugin for Wordpress affects v. before 2.0.4.


Short Info




Single Scan

Can be used by

Asset Owner

Estimated Time

15 sec

Scan only one

Domain, Ipv4

Parent Category

CVE-2014-8877 Scanner Detail

The CreativeMinds CM Downloads Manager plugin is a WordPress plugin that helps users manage downloads on their website. This plugin allows users to upload and share files with their audience. It is used by users who want to share files such as documents, images, and videos with their website visitors. The CreativeMinds CM Downloads Manager plugin is a popular option for bloggers, content creators, and businesses who want to provide downloads for their audience.

One of the vulnerabilities found in the CreativeMinds CM Downloads Manager plugin is CVE-2014-8877. This vulnerability occurs due to the alterSearchQuery function in lib/controllers/CmdownloadController.php. This function allows attackers to execute arbitrary PHP code through the CMDsearch parameter to cmdownloads/. The PHP create_function function processes this parameter.

When this vulnerability is exploited, attackers can execute malicious code on the website without the website owner's knowledge. This can lead to serious consequences such as stealing user data, defacing the website, using the website for malicious activities, and more. The exploitation of this vulnerability can result in a loss of credibility and trust in the website, which can negatively impact the website's reputation and success.

Thanks to the pro features of the platform, website owners can easily and quickly learn about vulnerabilities in their digital assets. With this platform, users can scan their websites for vulnerabilities and receive detailed reports on discovered vulnerabilities. This allows website owners to take action quickly and protect their websites from potential attacks. By using this platform, website owners can ensure the security of their digital assets and protect themselves from potential attacks.



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture