Advanced Access Manager allows admin users to write arbitrary files and execute arbitrary php (WordPress plugin) CVE-2014-6059