WordPress Plugin WordPress Download Manager Security Bypass - CVE-2014-9260

WordPress Plugin WordPress Download Manager is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently update every WordPress options by using basic_settings() function which may lead to the creation of a new account with administrative privileges. WordPress Plugin WordPress Download Manager version 2.7.2 is vulnerable prior versions may also be affected.