Lucene search

SAINT CorporationSAINT:69B4DD72AE65C3BC03A4C5A02E639CE9

HistoryAug 12, 2022 - 12:00 a.m.

Weblizar School Management Pro plugin backdoor

2022-08-1200:00:00

SAINT Corporation

my.saintcorporation.com

121

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.166 Low

EPSS

Percentile

96.1%

JSON

Added: 08/12/2022
CVE: CVE-2022-1609

Background

Weblizar School Management is a WordPress plugin for management of school operations.

Problem

The license checking code in School Management Pro contains a backdoor which allows remote attackers to execute arbitrary commands.

Resolution

Upgrade to the current version of School Management Pro.

References

<https://jetpack.com/blog/backdoor-found-in-the-school-management-pro-plugin-for-wordpress/>

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.166 Low

EPSS

Percentile

96.1%

JSON

Related for SAINT:69B4DD72AE65C3BC03A4C5A02E639CE9