A vulnerability labeled as critical has been found in Cherryframework Cherry Framework Themes 3.1.4 on WordPress. This vulnerability affects unknown code of the file download_backup.php . Executing a manipulation can lead to missing authentication. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is tracked as CVE-2018-25437 . The attack can be launched remotely. Moreover, an exploit is present.