{
  "id": "CVE-2022-1609",
  "sourceIdentifier": "contact@wpscan.com",
  "published": "2024-01-16T16:15:09.530",
  "lastModified": "2024-01-16T23:12:38.473",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "The School Management WordPress plugin before 9.9.7 contains an obfuscated backdoor injected in it's license checking code that registers a REST API handler, allowing an unauthenticated attacker to execute arbitrary PHP code on the site."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://wpscan.com/vulnerability/e2d546c9-85b6-47a4-b951-781b9ae5d0f2/",
      "source": "contact@wpscan.com"
    }
  ]
}