Exploit for Weblizar School Management Pro plugin backdoor CVE-2022-1609

Name: Exploit for Weblizar School Management Pro plugin backdoor CVE-2022-1609
Rating: 5 (55 reviews)

2022-08-12 | CVSS 2.1

## https://sploitus.com/exploit?id=SAINT:199B4764E7C4AB09BDCC5427977F0F3D
Added: 08/12/2022  
CVE: [CVE-2022-1609](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1609>)  


### Background

[Weblizar School Management](<https://weblizar.com/plugins/school-management/>) is a WordPress plugin for management of school operations. 

### Problem

The license checking code in School Management Pro contains a backdoor which allows remote attackers to execute arbitrary commands. 

### Resolution

Upgrade to the current version of School Management Pro. 

### References

<https://jetpack.com/blog/backdoor-found-in-the-school-management-pro-plugin-for-wordpress/>