CVE-2024-9658

Name of the Vulnerable Software and Affected Versions School Management System for Wordpress plugin versions up to, and including, 93.0.0

Description The issue arises from the plugin's failure to properly validate a user's identity before updating their details, such as email and password, through the mj smgt update user() and mj smgt add admission() functions. This, combined with a local file inclusion vulnerability, allows authenticated attackers with student-level access or higher to change arbitrary users' email addresses and passwords, including those of administrators. This can be leveraged to gain access to their accounts.

Recommendations For School Management System for Wordpress plugin versions up to, and including, 93.0.0, consider disabling the mj smgt update user() and mj smgt add admission() functions until a patch is available to prevent privilege escalation via account takeover. Restrict access to user detail updates to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.