CVE-2020-20918 Information

Description

An issue discovered in Pluck CMS v.4.7.10-dev2 allows a remote attacker to execute arbitrary php code via the hidden parameter to admin.php when editing a page.

Reference

https://github.com/pluck-cms/pluck/issues/80