Researchers find backdoor lurking in WordPress plugin used by schools

2 years ago
May 21, 2022
2 replies
6 views

+54

Jasper_The_Rasper
Moderator
11547 replies

If you've used School Management Pro, it's time to check your site, stat.

DAN GOODIN - 5/20/2022

Researchers said on Friday that they found a malicious backdoor in a WordPress plugin that gave attackers full control of websites that used the package, which is marketed to schools.

The premium version of School Management, a plugin schools use to operate and manage their websites, has contained the backdoor since at least version 8.9, researchers at website security service Jetpack said in a blog post without ruling out that it had been present in earlier versions. This page from a third-party site shows that version 8.9 was released last August.

>> Full Article <<

+6

kleinmat4103
Popular Voice
512 replies
2 years ago
May 23, 2022

Seems like the plugin company should at the very least pay for a vulnerability scan for their paying customers. The backdoor has been there since at least last August.

+1

stlshark
New Member
93 replies
2 years ago
May 23, 2022

As if security wasn’t hard enough for schools. Things like this really do not help an already overwhelmed and underfunded administrator.

If you've used School Management Pro, it's time to check your site, stat.

Reply

Related Topics

HELP! Spam attack? More sign-ups than users...icon

USUARIOS FALSOSicon

Suspicious SPAM adresses signing upicon

Spam attacks: How can I block fake email addresses to subscribe?icon

Where do these fake profiles come from?icon

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded