9 matches found
CVE-2022-1609
The School Management WordPress plugin before 9.9.7 contains an obfuscated backdoor injected in it's license checking code that registers a REST API handler, allowing an unauthenticated attacker to execute arbitrary PHP code on the site...
CVE-2022-1609
The School Management WordPress plugin before 9.9.7 contains an obfuscated backdoor injected in it's license checking code that registers a REST API handler, allowing an unauthenticated attacker to execute arbitrary PHP code on the site...
CVE-2022-1609
The School Management WordPress plugin before 9.9.7 contains an obfuscated backdoor injected in it's license checking code that registers a REST API handler, allowing an unauthenticated attacker to execute arbitrary PHP code on the site...
CVE-2022-1609 The School Management < 9.9.7 - Unauthenticated RCE via REST api
The School Management WordPress plugin before 9.9.7 contains an obfuscated backdoor injected in it's license checking code that registers a REST API handler, allowing an unauthenticated attacker to execute arbitrary PHP code on the site...
CVE-2022-1609
CVE-2022-1609 affects The School Management WordPress plugin prior to version 9.9.7. The obfuscated backdoor is injected in the license checking code and registers a REST API handler, enabling an unauthenticated attacker to execute arbitrary PHP code on the site (RCE). Impact is the ability to ru...
Weblizar School Management Pro plugin backdoor
Added: 08/12/2022 CVE: CVE-2022-1609 Background Weblizar School Management is a WordPress plugin for management of school operations. Problem The license checking code in School Management Pro contains a backdoor which allows remote attackers to execute arbitrary commands. Resolution Upgrade to t...
Weblizar School Management Pro plugin backdoor
Added: 08/12/2022 CVE: CVE-2022-1609 Background Weblizar School Management is a WordPress plugin for management of school operations. Problem The license checking code in School Management Pro contains a backdoor which allows remote attackers to execute arbitrary commands. Resolution Upgrade to t...
Exploit for Code Injection in Weblizar School_Management
CVE-2022-1609 Bash poc for CVE-2022-1609 WordPress Weblizar B...
Researchers Find Backdoor in School Management Plugin for WordPress
Multiple versions of a WordPress plugin by the name of "School Management Pro" harbored a backdoor that could grant an adversary complete control over vulnerable websites. The issue, spotted in premium versions before 9.9.7, has been assigned the CVE identifier CVE-2022-1609 and is rated 10 out o...