Researchers Find Backdoor in School Management Plugin for WordPress

This article has been indexed from

The Hacker News

Multiple versions of a WordPress plugin by the name of “School Management Pro” harbored a backdoor that could grant an adversary complete control over vulnerable websites.
The issue, spotted in premium versions before 9.9.7, has been assigned the CVE identifier CVE-2022-1609 and is rated 10 out of 10 for severity.
The backdoor, which is believed to have existed since version 8.9, enables “an

Read the original article:

Liked it? Take a second to support IT Security News on Patreon!
Become a patron at Patreon!