Researchers Find Backdoor in School Management Plugin for WordPress

News

Multiple versions of a WordPress plugin by the name of “School Management Pro” harbored a backdoor that could grant an adversary complete control over vulnerable websites.

The issue, spotted in premium versions before 9.9.7, has been assigned the CVE identifier CVE-2022-1609 and is rated 10 out of 10 for severity.

The backdoor, which is believed to have existed since version 8.9, enables “an unauthenticated attacker to execute arbitrary PHP code on sites with the plugin installed,” Jetpack’s Harald Eilertsen said in a Friday write-up.

School Management, developed by an India-based company called Weblizar, is billed as a WordPress add-on to “manage complete school operation.” It also claims more than 340,000 customers of its premium and free WordPress themes and plugins.

The WordPress security company noted that it uncovered the implant on May 4 after it was alerted to the presence of heavily obfuscated code in the license-checking code of the plugin. The free version of School Management, which doesn’t pack the licensing code, is not impacted.

CyberSecurity

While the backdoor has since been removed, the exact origins of the compromise remains unclear, with the vendor stating that “they do not know when or how the code came into their software.”

Customers of the plugin are recommended to update to the latest version (9.9.7) to prevent active exploitation attempts.

Products You May Like

Articles You May Like

BianLian Ransomware Group Adopts New Tactics, Posing Significant Risk
Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices
Russian Cyber Spies Target Organizations with HatVibe and CherrySpy Malware
North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn
Microsoft Seizes 240 Websites to Disrupt Global Distribution of Phish Kits

Leave a Reply

Your email address will not be published. Required fields are marked *