Platform
wordpress
Component
school-management-system
Fixed in
93.1.1
CVE-2025-3740 is a Local File Inclusion (LFI) vulnerability, categorized as Privilege Escalation, affecting the School Management System for Wordpress plugin. It allows authenticated attackers, including those with only Subscriber-level access, to include and execute arbitrary files on the server. Versions 0.0.0 through 93.1.0 are vulnerable; the fix is available in version 93.1.1.
The vulnerability stems from an LFI flaw in the handling of the plugin's 'page' parameter: the supplied value is used to select a file to include without being restricted to a fixed set of expected pages. An attacker with Subscriber access or higher can therefore point the parameter at a file already on the server, and any PHP code in that file is executed in the context of the WordPress installation. This bypasses the plugin's access controls. The impact goes beyond reading data: if the attacker can also upload a file that passes as a "safe" type (an image, for instance) but carries PHP code, including that file turns the LFI into code execution, letting the attacker alter the plugin's behavior, plant a backdoor, or compromise the entire WordPress installation.
This vulnerability was publicly disclosed on 2025-07-18. No active exploitation campaigns have been publicly confirmed, but the low privilege required, the simplicity of the request involved, and the plugin's popularity make widespread attempts plausible. LFI is a well-understood attack pattern with readily available tooling, so the flaw could be leveraged quickly. It is not currently listed in the CISA KEV catalog, but its HIGH CVSS score warrants close monitoring.
Exploit Status
EPSS
0.20% (42nd percentile)
CISA SSVC
CVSS Vector
The primary mitigation is to upgrade the School Management System for Wordpress plugin to version 93.1.1 or later immediately. If upgrading is not immediately feasible because of compatibility concerns or breaking changes, reduce exposure in the meantime: restrict which roles may upload files, so that a Subscriber cannot stage a PHP-bearing "image" to include later; enforce strict validation of the 'page' parameter (an exact allowlist of expected page names, rejecting anything containing path separators, '..', null bytes or PHP stream wrappers such as php://); deploy Web Application Firewall (WAF) rules that block LFI patterns as an additional layer; and monitor web server and WordPress logs for requests whose 'page' value looks like a file path rather than a page name.
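As an added example (not code from this page, the plugin or its vendor), the following Python models two of the interim measures above and the attack shape described earlier: the exact-allowlist check a hardened dispatcher should apply to the 'page' parameter, and a log scan that flags requests whose 'page' value carries LFI indicators (directory traversal, PHP stream wrappers, null bytes, absolute paths, or a trailing file extension such as .php or .jpg). The sample access-log lines, the /wp-admin/admin.php endpoint, and the allowlist of page names are all constructed assumptions; the plugin's real routes and page slugs may differ.

```python
from __future__ import annotations

import re
from urllib.parse import parse_qs, unquote, urlsplit

# Hypothetical allowlist of page slugs a dispatcher is expected to serve. The
# real plugin's slugs are not known here; this set is an assumption.
ALLOWED_PAGES = {"dashboard", "students", "teachers", "classes", "fees"}

# Constructed Apache combined-format log lines (not real traffic). The endpoint
# /wp-admin/admin.php is an assumption; only the 'page' query value matters.
SAMPLE_LOG = """\
203.0.113.7 - - [18/Jul/2025:10:01:02 +0000] "GET /wp-admin/admin.php?page=dashboard HTTP/1.1" 200 5123 "-" "Mozilla/5.0"
203.0.113.7 - - [18/Jul/2025:10:01:05 +0000] "GET /wp-admin/admin.php?page=../../../../wp-config.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
203.0.113.7 - - [18/Jul/2025:10:01:09 +0000] "GET /wp-admin/admin.php?page=..%2F..%2Fwp-content%2Fuploads%2F2025%2F07%2Fimg.jpg HTTP/1.1" 200 77 "-" "Mozilla/5.0"
198.51.100.4 - - [18/Jul/2025:10:02:00 +0000] "GET /wp-admin/admin.php?page=php://filter/convert.base64-encode/resource=wp-config.php HTTP/1.1" 200 2740 "-" "curl/8.0"
198.51.100.4 - - [18/Jul/2025:10:02:03 +0000] "GET /wp-admin/admin.php?page=students%00.php HTTP/1.1" 500 0 "-" "curl/8.0"
"""

WRAPPER_RE = re.compile(r"^[a-z][a-z0-9+.-]*://", re.I)  # php://, data://, phar://, ...
WIN_ABS_RE = re.compile(r"^[a-z]:[\\/]", re.I)             # C:\... or C:/...
EXT_RE = re.compile(r"\.(php\d?|phtml|phar|jpe?g|png|gif|txt|log|ini)$", re.I)

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)


def normalize(value: str) -> str:
    """Percent-decode until the value is stable (at most 3 rounds) so that
    double encoding such as %252e%252e%252f cannot hide a traversal."""
    prev, cur = None, value
    for _ in range(3):
        if cur == prev:
            break
        prev, cur = cur, unquote(cur)
    return cur


def page_is_allowed(raw: str) -> bool:
    """The check a hardened dispatcher should apply: an exact match against a
    fixed allowlist after decoding, never a substring, prefix or path test."""
    return normalize(raw) in ALLOWED_PAGES


def lfi_indicators(raw: str) -> list[str]:
    """Return the LFI indicators present in a 'page' value (empty if none)."""
    v = normalize(raw)
    reasons = []
    if ".." in v:
        reasons.append("path-traversal")
    if WRAPPER_RE.match(v):
        reasons.append("stream-wrapper")
    if "\x00" in v:
        reasons.append("null-byte")
    if v.startswith("/") or WIN_ABS_RE.match(v):
        reasons.append("absolute-path")
    if EXT_RE.search(v):
        reasons.append("file-extension")
    return reasons


def scan_log(text: str) -> list[dict]:
    """Flag every request whose 'page' query value carries an LFI indicator.
    parse_qs performs one round of percent-decoding; normalize() adds more."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        query = parse_qs(urlsplit(m["target"]).query, keep_blank_values=True)
        for raw in query.get("page", []):
            reasons = lfi_indicators(raw)
            if reasons:
                hits.append({"ip": m["ip"], "ts": m["ts"], "status": m["status"],
                             "page": raw, "reasons": reasons})
    return hits


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(f'{hit["ts"]} {hit["ip"]} status={hit["status"]} '
              f'page={hit["page"]!r} -> {", ".join(hit["reasons"])}')
```

Run against the constructed log, four of the five requests are flagged and only the plain `page=dashboard` request passes. The third line is the chaining case described above: a traversal into wp-content/uploads aimed at an uploaded image, which is exactly the request a WAF rule or log alert should catch even though the target extension looks harmless. Note that a 200 status does not indicate failure; LFI reads typically succeed silently, so detection must key on the parameter value, not the response code.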
Update the School Management System for Wordpress plugin to version 93.1.1 or later to mitigate the local file inclusion vulnerability. This update closes the possibility of attackers with Subscriber privileges executing arbitrary code, which could result in privilege escalation.
CVE-2025-3740 is a Local File Inclusion vulnerability allowing authenticated attackers to include and execute arbitrary files on a server running the School Management System for Wordpress plugin, potentially leading to code execution.
Yes, if you are using School Management System for Wordpress versions 0.0.0 through 93.1.0, you are vulnerable to this Local File Inclusion vulnerability, which can be used for privilege escalation.
Upgrade the School Management System for Wordpress plugin to version 93.1.1 or later to remediate the vulnerability. Consider strict allowlist validation of the 'page' parameter, restricted upload permissions and WAF rules as interim measures.
While no active exploitation campaigns have been publicly confirmed, the vulnerability's ease of exploitation suggests a potential for attacks.
Refer to the plugin developer's website or WordPress.org plugin repository for the official advisory and update information.