Lucene search

SAINT CorporationSAINT:199B4764E7C4AB09BDCC5427977F0F3D

HistoryAug 12, 2022 - 12:00 a.m.

Weblizar School Management Pro plugin backdoor

2022-08-1200:00:00

SAINT Corporation

download.saintcorporation.com

177

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.166 Low

EPSS

Percentile

96.1%

JSON

Added: 08/12/2022
CVE: CVE-2022-1609

Background

Weblizar School Management is a WordPress plugin for management of school operations.

Problem

The license checking code in School Management Pro contains a backdoor which allows remote attackers to execute arbitrary commands.

Resolution

Upgrade to the current version of School Management Pro.

References

<https://jetpack.com/blog/backdoor-found-in-the-school-management-pro-plugin-for-wordpress/>

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.166 Low

EPSS

Percentile

96.1%

JSON

Related for SAINT:199B4764E7C4AB09BDCC5427977F0F3D