NVD CVE-2014-8708 March 17, 2017 007admin Leave a comment Pluck CMS 4.7.2 allows remote attackers to execute arbitrary code via the blog form feature.