An issue discovered in Pluck CMS v.4.7.10-dev2 allows a remote attacker to execute arbitrary php code via the hidden parameter to admin.php when editing a page.
{ "source": "CPE_STRING", "extracted_events": [ { "introduced": "4.7.10-dev2" }, { "last_affected": "4.7.10-dev2" } ], "cpe": "cpe:2.3:a:pluck-cms:pluck:4.7.10:dev2:*:*:*:*:*:*" }
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-20918.json"