Platform
wordpress
Component
school-management-system
Fixed in
93.1.1
CVE-2025-3740 is a Local File Inclusion (LFI) vulnerability in the School Management System for Wordpress plugin. An authenticated attacker with as little as Subscriber-level access can include and execute arbitrary files on the server through the plugin's 'page' parameter. All versions up to and including 93.1.0 are affected; the fix ships in version 93.1.1.
The core impact of CVE-2025-3740 is arbitrary file inclusion leading to code execution. The plugin passes the attacker-controlled 'page' parameter to a PHP include, so a Subscriber can point it at files the plugin was never meant to load, bypassing the plugin's access controls. Including configuration files exposes secrets such as database credentials; including a file whose contents the attacker controls (for example an uploaded image or other "safe" file type that carries PHP code) executes that code with the web server's privileges. From there the usual follow-on actions apply: installing backdoors, stealing user credentials, modifying plugin and site configuration, defacing the site, or fully compromising the WordPress installation. The privilege escalation is therefore a consequence of the LFI: a low-privileged account ends up with server-side code execution.
CVE-2025-3740 was publicly disclosed on 2025-07-18. As of that date no public proof-of-concept (PoC) code had been released, but the bug is a single-parameter LFI, so a working PoC is easy to derive from the advisory alone. The EPSS score listed on this page is 0.20% (42nd percentile), i.e. little observed exploitation activity so far; the low barrier to entry (any Subscriber account, which sites with open registration hand out freely) means that figure can rise quickly. Monitor security advisories and vulnerability databases for updates.
Websites running the School Management System for Wordpress plugin that have any Subscriber-level or higher accounts (including sites with open registration), and especially those that let such users upload files, are at significant risk. Shared hosting environments in which several WordPress installations share a server are also exposed, since a compromise of one site can be used as a foothold against the others.
• wordpress / composer / npm:
grep -rnE '\$_(GET|POST|REQUEST)\[.page.\]' /var/www/html/wp-content/plugins/school-management-system-for-wordpress/
(lists where the plugin reads the 'page' parameter; inspect each hit for an include or require on that value. No match is not proof of safety, so check the installed version as well.)
• generic web:
curl -s https://your-wordpress-site.com/wp-content/plugins/school-management-system-for-wordpress/readme.txt | grep -i 'Stable tag'
(reports the installed version when readme.txt is reachable; anything at or below 93.1.0 is affected. An unauthenticated traversal probe against the plugin directory is not a useful check, because the flaw is only reachable with an authenticated Subscriber session.)
Disclosure
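The two version strings that circulate for this CVE, 93.1.1 and 1.93.1, sort differently, and a plain string comparison or a typo gets the answer wrong. The following Python, added here and not code from the plugin or this advisory, reads the version from a plugin directory (readme.txt "Stable tag" or the main file's "Version:" header) and compares it numerically against the fixed release. The plugin slug and the sample header it writes into a temporary directory are assumptions/constructed for the demo; on a live site the same number can be obtained with `wp plugin get school-management-system-for-wordpress --field=version` and fed to is_vulnerable().

```python
"""Version check for CVE-2025-3740 (School Management System for WordPress,
affected up to and including 93.1.0, fixed in 93.1.1).

Added example, not code from the plugin or this advisory. PLUGIN_SLUG and
the sample plugin header written by demo() are assumptions/constructed."""
import re
import tempfile
from pathlib import Path

FIXED_VERSION = "93.1.1"
PLUGIN_SLUG = "school-management-system-for-wordpress"  # assumed slug

# "Version:" line of a plugin file header, or "Stable tag:" in readme.txt.
_VERSION_RE = re.compile(
    r"^\s*\*?\s*(?:Version|Stable tag)\s*:\s*([0-9][0-9A-Za-z.\-]*)", re.M | re.I
)


def parse_version(text):
    """'93.1.0' -> (93, 1, 0). Parsing stops at the first non-numeric
    component, so '93.1.0-beta' compares as 93.1.0 and garbage yields ()."""
    parts = []
    for piece in text.split("."):
        m = re.match(r"\d+", piece)
        if not m:
            break
        parts.append(int(m.group()))
    return tuple(parts)


def is_vulnerable(version, fixed=FIXED_VERSION):
    """True when the installed version sorts strictly below the fix.
    Tuples compare element-wise, so (93, 1, 0) < (93, 1, 1), and the
    '1.93.1' typo that circulates for this CVE, (1, 93, 1), is itself an
    affected number. An unparseable version () is treated as vulnerable."""
    return parse_version(version) < parse_version(fixed)


def extract_version(header_text):
    """Pull the version string out of a plugin header or readme.txt."""
    m = _VERSION_RE.search(header_text)
    return m.group(1) if m else None


def scan_plugin_dir(plugin_dir):
    """Read readme.txt, then any top-level .php file with a plugin header,
    and report the first version found."""
    plugin_dir = Path(plugin_dir)
    candidates = [plugin_dir / "readme.txt"] + sorted(plugin_dir.glob("*.php"))
    for path in candidates:
        if not path.is_file():
            continue
        head = path.read_text(errors="replace")[:8192]
        if path.suffix == ".php" and "Plugin Name:" not in head:
            continue  # helper file, not the main plugin file
        version = extract_version(head)
        if version:
            return {"file": path.name, "version": version,
                    "vulnerable": is_vulnerable(version)}
    return None


def demo():
    """Constructed plugin directory with a pre-fix version header."""
    with tempfile.TemporaryDirectory() as tmp:
        d = Path(tmp) / PLUGIN_SLUG
        d.mkdir()
        (d / "main.php").write_text(  # constructed sample, not the real file
            "<?php\n/*\nPlugin Name: School Management System\nVersion: 93.1.0\n*/\n"
        )
        return scan_plugin_dir(d)


if __name__ == "__main__":
    print(demo())
```

Anything that parses to a tuple below (93, 1, 1) is reported as vulnerable, which deliberately includes a copy that reports "1.93.1": that number is below the affected range's upper bound, not above the fix.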
Exploit status
EPSS
0.20% (42nd percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-3740 is to upgrade the School Management System for Wordpress plugin to version 93.1.1 or later without delay. If the upgrade has to wait because of compatibility concerns, reduce exposure in the meantime: restrict who can register and who can upload files, so that attackers cannot place a file with PHP content on the server to include; add a Web Application Firewall rule that blocks requests whose 'page' parameter contains traversal sequences (../), absolute paths, PHP stream wrappers (php://, data://) or null bytes, after URL decoding; and, if you maintain a patched copy of the plugin, validate 'page' against an allowlist of known page names rather than filtering bad characters. After upgrading, confirm that the installed version reports 93.1.1 or later and, in a test environment with a Subscriber account, that a traversal value in 'page' is no longer included.
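The WAF and monitoring advice above is easier to act on with concrete matching logic. The following Python, added here and not part of the advisory, scans Apache-style access log lines for requests whose 'page' parameter carries a traversal sequence, absolute path, PHP stream wrapper or null byte, after undoing double URL encoding (the usual trick for slipping past a filter that decodes only once). The log lines are constructed; the request path /wp-admin/admin.php and the benign page slug in them are assumptions, since the advisory does not name the vulnerable handler, and the same classify_page_value() logic can be used as the basis of a WAF rule.

```python
"""Flag requests whose 'page' parameter looks like a file-inclusion attempt
(CVE-2025-3740, School Management System for WordPress).

Added example, not from the advisory. LOG_LINES are constructed; the
/wp-admin/admin.php path and page slugs in them are assumptions."""
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Legitimate page names are plain identifiers (wp-admin menu slugs look like
# this too); anything else is either an LFI payload shape or worth a look.
SAFE_PAGE = re.compile(r"^[A-Za-z0-9_.\-]{1,64}$")
SUSPICIOUS = re.compile(
    r"\.\./|\.\.\\|^/|^[A-Za-z]:\\|^(?:php|file|data|phar|zip|expect|glob)://|\x00",
    re.I,
)

# Apache/nginx combined log format, only the fields we need.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<url>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample, not real traffic: one benign admin page view, two
# traversal attempts (the second double-encoded, aimed at an uploaded image
# carrying PHP), one php:// wrapper probe, and an unrelated login POST.
LOG_LINES = [
    '203.0.113.5 - - [18/Jul/2025:10:01:02 +0000] "GET /wp-admin/admin.php?page=sms_dashboard HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [18/Jul/2025:10:02:11 +0000] "GET /wp-admin/admin.php?page=../../../../wp-config.php HTTP/1.1" 200 812 "-" "curl/8.4.0"',
    '203.0.113.7 - - [18/Jul/2025:10:02:15 +0000] "GET /wp-admin/admin.php?page=%252e%252e%252f%252e%252e%252fuploads%252favatar.jpg HTTP/1.1" 200 913 "-" "curl/8.4.0"',
    '198.51.100.9 - - [18/Jul/2025:10:03:40 +0000] "GET /wp-admin/admin.php?page=php://filter/convert.base64-encode/resource=index HTTP/1.1" 403 0 "-" "python-requests/2.32"',
    '198.51.100.9 - - [18/Jul/2025:10:03:41 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "python-requests/2.32"',
]


def decode_param(value, rounds=2):
    """Undo up to `rounds` layers of percent-encoding before matching, so a
    double-encoded '%252e%252e%252f' is judged as the '../' it becomes."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def classify_page_value(raw):
    """None for a benign page name, else a short reason string."""
    value = decode_param(raw)
    if SAFE_PAGE.match(value):
        return None
    if SUSPICIOUS.search(value):
        return "lfi-pattern"
    return "unexpected-chars"


def scan_log(lines):
    """Return one finding per suspicious 'page' value in the given log lines."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m["url"])
        # parse_qs already removes one layer of encoding; decode_param handles the rest.
        params = parse_qs(parts.query, keep_blank_values=True)
        for raw in params.get("page", []):
            reason = classify_page_value(raw)
            if reason:
                findings.append({
                    "ip": m["ip"], "ts": m["ts"], "path": parts.path,
                    "page": decode_param(raw), "reason": reason,
                    "status": int(m["status"]),
                })
    return findings


if __name__ == "__main__":
    for f in scan_log(LOG_LINES):
        print(f"{f['ts']} {f['ip']} {f['status']} {f['reason']}: page={f['page']!r}")
```

A 200 response to a traversal value is the line to chase first: with this bug the include happens server-side, so a successful request does not need to look different from a normal one in the status column, which is why matching on the parameter rather than on the response is the right detection.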
Update the School Management System for Wordpress plugin to version 93.1.1 or later to close the local file inclusion vulnerability. The update removes the path by which attackers with Subscriber privileges could execute arbitrary code and thereby escalate their privileges.
CVE-2025-3740 is a Local File Inclusion vulnerability that lets authenticated attackers include and execute arbitrary files on a server running the School Management System for Wordpress plugin, leading to code execution.
Yes, if you are using School Management System for Wordpress at any version up to and including 93.1.0, you are vulnerable to this Local File Inclusion vulnerability and the privilege escalation it enables.
Upgrade the School Management System for Wordpress plugin to version 93.1.1 or later to remediate the vulnerability. Treat WAF rules, upload restrictions and input validation on the 'page' parameter as interim measures only.
No active exploitation campaigns have been publicly confirmed, but the low barrier (any Subscriber account and a single request parameter) makes attacks plausible once a proof of concept circulates.
Refer to the plugin developer's website or WordPress.org plugin repository for the official advisory and update information.