CVE-2025-6079 School Management System <= 93.2.0 - Authenticated (Student+) Arbitrary File Upload

The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the homework.php file in all versions up to, and including, 93.2.0. This makes it possible for authenticated attackers, with Student-level access and abov...

CVE-2025-6079 School Management System <= 93.2.0 - Authenticated (Student+) Arbitrary File Upload

The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the homework.php file in all versions up to, and including, 93.2.0. This makes it possible for authenticated attackers, with Student-level access and abov...

PT-2025-33522 · WordPress · School Management System For Wordpress

Name of the Vulnerable Software and Affected Versions: School Management System for WordPress plugin versions prior to 93.2.0 Description: The School Management System for WordPress plugin is vulnerable to arbitrary file uploads due to missing file type validation in the homework.php file. This...

WordPress plugin School Management System for Wordpress 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...