SQL Injection Vulnerability in MojoJoomla School Management Software
CVE-2025-47575

8.5HIGH

Key Information:

Vendor: WordPress
Status: School Management
Vendor: CVE Published:; 23 May 2025

What is CVE-2025-47575?

The MojoJoomla School Management system contains a vulnerability that allows attackers to exploit improper neutralization of special elements in SQL commands. This SQL Injection flaw can enable unauthorized access to sensitive database information, posing significant risks to the data integrity and confidentiality of users. It specifically affects versions from n/a up to 92.0.0, making it imperative for users to implement appropriate security measures to mitigate potential attacks.

Affected Version(s)

School Management <= 92.0.0

References

https://patchstack.com/database/wordpress/plugin/school-m...

vdb-entry

CVSS V3.1

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 23, 2025
Vulnerability Reserved
May 7, 2025

Credit

Cút lộn xào me (Patchstack Alliance)