The WPSchoolPress plugin for WordPress is not secure in versions 2.2.4 and earlier. This means that people with Teacher permissions can use the plugin to gather private information from the database. This happens because the plugin does not adequately protect information that is inputted by users and does not properly prepare the existing SQL query.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
