Description
Multiple integer overflows in ext/standard/exec.c in PHP 7.x before 7.0.2 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a long string to the (1) php_escape_shell_cmd or (2) php_escape_shell_arg function, leading to a heap-based buffer overflow.
Remediation
References
Related Vulnerabilities
WordPress Plugin Google Doc Embedder SQL Injection (2.5.16)
WordPress Plugin WordPress Comments Import & Export Cross-Site Request Forgery (2.1.10)
WordPress Plugin CM Download Manager Cross-Site Scripting (2.7.0)
WordPress Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2020-11027)