EUVD-2024-54149

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

School Management System for WordPress vulnerable to SQL Injection through 'id' parameter in AJAX action

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2024-12607	7 Mar 202508:35	–	circl
CNNVD	WordPress plugin School Management System SQL注入漏洞	7 Mar 202500:00	–	cnnvd
CVE	CVE-2024-12607	7 Mar 202508:21	–	cve
Cvelist	CVE-2024-12607 School Management System for Wordpress <= 92.0.0 - Authenticated (Subscriber+) SQL Injection via 'mj_smgt_show_event_task'	7 Mar 202508:21	–	cvelist
NVD	CVE-2024-12607	7 Mar 202509:15	–	nvd
OSV	CVE-2024-12607	7 Mar 202509:15	–	osv
Patchstack	WordPress School Management System for Wordpress plugin <= 92.0.0 - Authenticated (Subscriber+) SQL Injection via 'mj_smgt_show_event_task' vulnerability	7 Mar 202509:39	–	patchstack
RedhatCVE	CVE-2024-12607	9 Mar 202508:45	–	redhatcve
Vulnrichment	CVE-2024-12607 School Management System for Wordpress <= 92.0.0 - Authenticated (Subscriber+) SQL Injection via 'mj_smgt_show_event_task'	7 Mar 202508:21	–	vulnrichment
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (March 3, 2025 to March 9, 2025)	13 Mar 202514:48	–	wordfence

[
  {
    "enisaIdVendor": [
      {
        "id": "37bfb52f-51db-392f-a41b-ba5588465a5c",
        "vendor": {
          "name": "dasinfomedia"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "3a2f2eeb-438b-3739-a8da-fd7c4c9fe378",
        "product": {
          "name": "School Management System for Wordpress"
        },
        "product_version": "* ≤92.0.0"
      }
    ]
  }
]

Source	Link
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/175fe7f4-ac92-4c52-9889-47635c21cd9b
codecanyon	www.codecanyon.net/item/school-management-system-for-wordpress/11470032

03 Oct 2025 20:07Current

9.2High risk

Vulners AI Score9.2

CVSS 3.16.5

EPSS0.00143

SSVC