WordPress.Download.Manager.wpdm_upload_icons.Code.Execution
Description
This indicates an attack attempt against a Code Exectuion vulnerability in WordPress Download Manager.
The vulnerability is caused by an error when the vulnerable software handles a http request with malicious wpdm_ajax_call action. It allows a remote attacker to gain control vulnerable systems via a crafted http request.
Affected Products
WordPress Download Manager before 2.7.5
Impact
System Compromise: Remote attacker can gain control of vulnerable systems.
Recommended Actions
Upgrade to the latest version, available from the web site.
https://wordpress.org/plugins/download-manager/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |