4 matches found
CVE-2025-1670
The School Management System – WPSchoolPress plugin for WordPress is vulnerable to SQL Injection via the 'cid' parameter in all versions up to, and including, 2.2.16 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This make...
CVE-2025-1670
creationtimestamp| type| source ---|---|--- 2025-03-15 03:48:58+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7653 2025-03-15 04:56:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkfdkycxut2l 2025-03-15 06:55:46+00:00| seen| https://t.me/cvedetector/20...
CVE-2025-1670 School Management System – WPSchoolPress <= 2.2.16 - Authenticated (Parent+) SQL Injection
The School Management System – WPSchoolPress plugin for WordPress is vulnerable to SQL Injection via the 'cid' parameter in all versions up to, and including, 2.2.16 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This make...
CVE-2025-1670
CVE-2025-1670 describes an authenticated SQL injection in the School Management System – WPSchoolPress WordPress plugin (