Lucene search
WPScanCVELIST:CVE-2022-1609HistoryJan 16, 2024 - 3:52 p.m.
CVE-2022-1609 The School Management < 9.9.7 - Unauthenticated RCE via REST api
2024-01-1615:52:21
WPScan
www.cve.org
3
cve-2022-1609 school management obfuscated backdoor php code
The School Management WordPress plugin before 9.9.7 contains an obfuscated backdoor injected in it’s license checking code that registers a REST API handler, allowing an unauthenticated attacker to execute arbitrary PHP code on the site.
CNA Affected
[
{
"vendor": "Unknown",
"product": "school-management-pro",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThan": "9.9.7"
}
],
"defaultStatus": "unaffected"
}
]Related
githubexploit
githubexploit
Exploit for CVE-2022-1609
2022-06-03 02:49:49
Exploit for Code Injection in Weblizar School Management
2022-06-09 14:36:55
Exploit for CVE-2022-1609
2022-06-03 02:49:49
wpvulndb
wpvulndb
The School Management < 9.9.7 - Unauthenticated RCE via REST api
2022-05-18 00:00:00
attackerkb
attackerkb
CVE-2022-1609
2024-01-16 00:00:00
prion
prion
Code injection
2024-01-16 16:15:00
nvd
nvd
CVE-2022-1609
2024-01-16 16:15:09
cve
cve
CVE-2022-1609
2024-01-16 16:15:09
wpexploit
wpexploit
The School Management < 9.9.7 - Unauthenticated RCE via REST api
2022-05-18 00:00:00
patchstack
patchstack
thn
thn
Researchers Find Backdoor in School Management Plugin for WordPress
2022-05-21 05:11:00
saint
saint
Weblizar School Management Pro plugin backdoor
2022-08-12 00:00:00
Weblizar School Management Pro plugin backdoor
2022-08-12 00:00:00
nuclei
nuclei
The School Management < 9.9.7 - Remote Code Execution
2022-05-26 06:25:43