WordPress Plugin CM Download Manager Code Injection - CVE-2014-8877

WordPress Plugin CM Download Manager is prone to a vulnerability that lets remote attackers inject and execute arbitrary code because the application fails to sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary code within the context of the affected webserver process this may result in total compromise of the web server. WordPress Plugin CM Download Manager version 2.0.3 is vulnerable prior versions may also be affected.