Beta

Report

School Management Pro < 9.9.7 is vulnerable to Unauthenticated Remote Code Execution (RCE) via REST API

Unauthenticated
Published
2022-05-19

The plugin School Management Pro in version 8.9 contains code that allows an attacker to remotely execute code.

CVE

https://www.cve.org/CVERecord?id=CVE-2022-1609

CVSS

Score:10

Severity:Critical

Version:< 9.9.7

There is a patch available in v9.9.7 and we strongly recommend you update to this version as soon as possible.