← Back

School Management

school_management

Vendor: Weblizar • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-33911
1Weblizar
1School Management
Apr 28, 2026
May 2, 2024
N/A· v4
7.2 HIGH· v3
N/A· v2
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Weblizar School Management Pro.This issue affects School Management Pro: from n/a through 10.3.4.
CVE-2022-1609
1Weblizar
1School Management
Jun 2, 2025
Jan 16, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
The School Management WordPress plugin before 9.9.7 contains an obfuscated backdoor injected in it's license checking code that registers a REST API handler, allowing an unauthenticated attacker to execute arbitrary PHP...Show more
The School Management WordPress plugin before 9.9.7 contains an obfuscated backdoor injected in it's license checking code that registers a REST API handler, allowing an unauthenticated attacker to execute arbitrary PHP code on the site.Show less