Versions before 9.9.7 of the WordPress plugin “The School Management Pro” from Weblizar contain a backdoor allowing an unauthenticated attacker to execute arbitrary PHP code on sites with the plugin installed. If you have an earlier version installed on your site, we recommend upgrading to version 9.9.7 or later immediately. This is a critical security issue.
Read on for the full details.
Continue reading → Backdoor found in The School Management Pro plugin for WordPress