Description
Manual confirmation is required for this alert.
This script is using the PHP function eval() on user input. If the user input is not properly validated, a remote user can supply a specially crafted input to pass arbitrary code to an eval() statement, which can result in code execution.
Remediation
Review the source code of this script and make sure user input is properly validated.
References
Related Vulnerabilities
WordPress Plugin All-in-One WP Migration Remote Code Execution (2.0.2)
WordPress 2.6.2 Remote Code Execution Vulnerability (0.70 - 2.6.2)
Apache Log4j2 JNDI Remote Code Execution (delayed)
WordPress Plugin WP Maintenance Mode Remote Code Execution (2.0.6)
WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Remote Code Execution (5.0.0)