Arbitrary File Upload Vulnerability in School Management System for WordPress

CVE-2024-9659

9.8CRITICAL

Key Information

Vendor
School Management System for WordPress
Vendor
CVE Published:
23 November 2024

Badges

πŸ‘Ύ Exploit Exists🟑 Public PoC

Summary

The School Management System for WordPress plugin is susceptible to an arbitrary file upload vulnerability due to inadequate file type validation within the mj_smgt_user_avatar_image_upload() function. This flaw is present in all versions up to and including 91.5.0, allowing unauthenticated users to potentially upload malicious files to the server of an affected site. This vulnerability could lead to remote code execution, facilitating various attack vectors that may compromise the integrity and security of the server.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

References

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • 🟑

    Public PoC available

  • πŸ‘Ύ

    Exploit known to exist

  • Vulnerability published

Collectors

NVD Database1 Proof of Concept(s)
.