WPSchoolPress
Ronik@UnlimitedWP
Developer
2.2.28
Latest version
2,000
Installations
Nov 4, 2025
Last updated
Vulnerability history
4 present
9 fixed
5 Mitigation rules
- Authenticated (Administrator+) SQL Injection vulnerability<= 2.2.234 days ago
- Missing Authorization to Arbitrary User Deletion vulnerability<= 2.2.16Mar 14, 2025
- Authenticated (Parent+) SQL Injection vulnerability<= 2.2.16Mar 14, 2025
- Authenticated (Teacher+) SQL Injection vulnerability<= 2.2.16Mar 14, 2025
- Missing Authorization to Privilege Escalation via Account Takeover vulnerability<= 2.2.16Mar 14, 2025
- Authenticated (Student/Parent+) SQL Injection vulnerability<= 2.2.14Jan 7, 2025
- Insecure Direct Object Reference to Authenticated (Teacher+) Account Takeover/Privilege Escalation vulnerability<= 2.2.10Oct 25, 2024
- Teacher+ SQLi vulnerability< 2.2.5Oct 17, 2023
- Cross-Site Request Forgery vulnerability< 2.2.5Sep 19, 2023
- Broken Access Control vulnerability<= 2.2.7Jul 11, 2023
- Multiple Stored Cross-Site Scripting (XSS) vulnerabilities<= 2.1.16Oct 11, 2021
- Multiple Authenticated SQL Injections (SQLi) vulnerabilities<= 2.1.9Oct 11, 2021
- Reflected Cross-Site Scripting (XSS) vulnerability<= 2.1.9Oct 11, 2021