cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-1609,https://securityvulnerability.io/vulnerability/CVE-2022-1609,The School Management < 9.9.7 - Unauthenticated RCE via REST api,"The School Management WordPress plugin, prior to version 9.9.7, is susceptible to a security vulnerability involving an obfuscated backdoor within its license checking mechanism. This backdoor registers a REST API handler that potentially allows an unauthorized attacker to execute arbitrary PHP code on affected websites. The exposure through this backdoor increases the risk of exploitation on WordPress installations utilizing this plugin, making it imperative for site administrators to update to the latest version to mitigate this security concern.",WordPress,School-management-pro,9.8,CRITICAL,0.0730699971318245,false,false,false,true,true,false,false,2024-01-16T15:52:21.658Z,0