CVE-2024-12610

5.3 MEDIUM

📋 TL;DR

This vulnerability in the School Management System for WordPress plugin allows unauthenticated attackers to delete arbitrary posts due to missing capability checks on AJAX endpoints. All WordPress sites using this plugin up to version 93.0.0 are affected. Attackers can exploit this without any authentication.

💻 Affected Systems

Products:
  • School Management System for WordPress plugin
Versions: All versions up to and including 93.0.0
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all WordPress installations with the vulnerable plugin active. No special configuration required for exploitation.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete website content deletion, including critical pages, posts, and custom post types managed by the plugin, potentially causing business disruption and data loss.

🟠 Likely Case

Selective deletion of important posts/pages, defacement, or removal of content to disrupt operations or cause reputational damage.

🟢 If Mitigated

Limited impact if proper web application firewalls and access controls are in place to block unauthenticated AJAX requests.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires sending crafted AJAX requests to vulnerable endpoints. No authentication needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after 93.0.0

Vendor Advisory: https://codecanyon.net/item/school-management-system-for-wordpress/11470032

Restart Required: No

Instructions:

1. Log into WordPress admin panel
2. Navigate to Plugins → Installed Plugins
3. Find 'School Management System for WordPress'
4. Click 'Update Now' if update available
5. If no update available, deactivate and remove plugin immediately

🔧 Temporary Workarounds

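Block vulnerable AJAX endpoints

Platform: all

Use a web application firewall or .htaccess to block access to the vulnerable AJAX actions.

# Add to .htaccess (or translate into an equivalent WAF rule):
# Matches the action only in the query string; mod_rewrite does not inspect POST bodies.
RewriteEngine On
RewriteCond %{QUERY_STRING} (mj_smgt_remove_feetype|mj_smgt_remove_category_new) [NC]
RewriteRule .* - [F,L]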

Disable plugin

Platform: linux

Temporarily deactivate the plugin until patched.

wp plugin deactivate school-management-system

🧯 If You Can't Patch

  • Implement strict web application firewall rules to block unauthenticated AJAX requests
  • Enable comprehensive logging and monitoring for post deletion activities

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin → Plugins → School Management System for WordPress. If version is 93.0.0 or lower, you are vulnerable.

Check Version:

wp plugin get school-management-system --field=version

Verify Fix Applied:

After updating, verify that the plugin version is higher than 93.0.0. Unauthenticated requests to the AJAX endpoints should then return proper authorization errors.

📡 Detection & Monitoring

Log Indicators:

  • POST requests to /wp-admin/admin-ajax.php with action=mj_smgt_remove_feetype or mj_smgt_remove_category_new from unauthenticated users
  • Sudden increase in post deletions or trash operations

Network Indicators:

  • Unusual AJAX requests to WordPress admin endpoints from external IPs without authentication cookies

SIEM Query:

source="web_logs" AND uri="/wp-admin/admin-ajax.php" AND (query_string="*mj_smgt_remove_feetype*" OR query_string="*mj_smgt_remove_category_new*") AND NOT user_agent="*bot*"
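
The log indicators above applied to a web server access log, as an added example that is not part of the advisory or the vendor's code; it assumes Combined Log Format, and the function names and sample lines are constructed. It ignores the user agent, which the client controls, and separately flags POSTs whose action is not visible in the URL, because access logs do not record request bodies.

```python
import re
from collections import Counter
from urllib.parse import parse_qs, unquote

# Action names from the advisory's log indicators.
WATCHED = {"mj_smgt_remove_feetype", "mj_smgt_remove_category_new"}
AJAX_SUFFIX = "/wp-admin/admin-ajax.php"
# Combined Log Format up to the status code (assumed log format).
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
                     r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')

def classify(line):
    """Return (verdict, ip) for a relevant log line, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    path, _, query = m["target"].partition("?")
    # Decode and collapse slashes so path variants still compare equal.
    if not re.sub(r"/+", "/", unquote(path)).endswith(AJAX_SUFFIX):
        return None
    # Case-insensitive, like the [NC] flag on the rewrite rule.
    actions = {a.lower() for a in parse_qs(query).get("action", [])}
    if actions & WATCHED:
        return ("match", m["ip"])
    # A POST with no action in the URL may carry it in the body, which
    # the access log does not record; surface it for review.
    if m["method"] == "POST" and not actions:
        return ("opaque", m["ip"])
    return None

def scan(lines):
    """Count verdicts per (verdict, client IP); the user agent is not consulted."""
    return Counter(v for v in map(classify, lines) if v)

# Constructed sample lines using documentation IP ranges, not real traffic.
_T = "[10/Jan/2025:10:00:00 +0000]"
SAMPLE = [
    f'203.0.113.7 - - {_T} "POST {AJAX_SUFFIX}?action=mj_smgt_remove_feetype HTTP/1.1" 200 12 "-" "curl/8.0"',
    f'203.0.113.7 - - {_T} "GET {AJAX_SUFFIX}?action=mj_smgt_remove_category_new HTTP/1.1" 200 12 "-" "examplebot/1.0"',
    f'198.51.100.4 - - {_T} "POST {AJAX_SUFFIX} HTTP/1.1" 200 5 "-" "Mozilla/5.0"',
    f'198.51.100.9 - - {_T} "GET {AJAX_SUFFIX}?action=heartbeat HTTP/1.1" 200 5 "-" "Mozilla/5.0"',
    f'198.51.100.9 - - {_T} "GET /index.php HTTP/1.1" 200 5 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for (verdict, ip), n in sorted(scan(SAMPLE).items()):
        print(f"{verdict:6} {ip:15} {n}")
```

"opaque" entries are not detections on their own; correlate them with post deletion or trash events in the WordPress database or an audit log.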
