Igexsolutions Wpschoolpress

9 CVEs affecting Igexsolutions Wpschoolpress. Latest disclosed: 2025-03-15. Critical: 0, High: 4.

Top CVEs affecting Igexsolutions Wpschoolpress
CVESeverityScorePublishedSummary
CVE-2025-1667High8.82025-03-15The School Management System – WPSchoolPress plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the wpsp_UpdateTea…
CVE-2024-9637High8.82024-10-26The School Management System – WPSchoolPress plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and includi…
CVE-2023-4776High8.82023-10-16The School Management System WordPress plugin before 2.2.5 uses the WordPress esc_sql() function on a field not delimited by quotes and did not first prepare t…
CVE-2021-24575High8.82021-11-08The School Management System – WPSchoolPress WordPress plugin before 2.1.10 does not properly sanitize or use prepared statements before using POST variable in…
CVE-2025-1670Medium6.52025-03-15The School Management System – WPSchoolPress plugin for WordPress is vulnerable to SQL Injection via the 'cid' parameter in all versions up to, and including…
CVE-2025-1669Medium6.52025-03-15The School Management System – WPSchoolPress plugin for WordPress is vulnerable to SQL Injection via the 'addNotify' action in all versions up to, and includin…
CVE-2024-12332Medium6.52025-01-07The School Management System – WPSchoolPress plugin for WordPress is vulnerable to SQL Injection via the 'cid' parameter in all versions up to, and including…
CVE-2021-24664Medium4.82021-11-08The School Management System – WPSchoolPress WordPress plugin before 2.1.17 sanitise some fields using sanitize_text_field() but does not escape them before ou…
CVE-2025-1668Medium4.32025-03-15The School Management System – WPSchoolPress plugin for WordPress is vulnerable to arbitrary user deletion due to a missing capability check on the wpsp_Delete…