Medium 4.9 Unfixed
2026-04-08≤ 2.2.38
CVE-2026-39631
School Management System – WPSchoolPress
Minimum safe version
2.2.24
Update to 2.2.24 or later to address 17 fixable vulnerabilities
Latest available2.2.40 ✓⚠ 1 vulnerability has no fix
Medium 4.9
2025-11-14< 2.2.24
CVE-2025-11981
Medium 4.3
2025-03-15< 2.2.17
School Management System – WPSchoolPress <= 2.2.16 - Missing Authorization to Arbitrary User Deletion
Medium 6.5
2025-03-15< 2.2.17
School Management System – WPSchoolPress <= 2.2.16 - Authenticated (Parent+) SQL Injection
High 8.8
2025-03-15< 2.2.17
School Management System – WPSchoolPress <= 2.2.16 - Missing Authorization to Privilege Escalation via Account Takeover
Medium 6.5
2025-03-15< 2.2.18
School Management System – WPSchoolPress <= 2.2.17 - Authenticated (Teacher+) SQL Injection
Medium 6.5
2025-01-07< 2.2.15
CVE-2024-12332
High 8.8
2024-10-26< 2.2.11
CVE-2024-9637
N/A
< 2.2.5
WPSchoolPress < 2.2.5 - Cross-Site Request Forgery
High 8.8
2023-10-17< 2.2.5
WordPress WPSchoolPress Plugin < 2.2.5 is vulnerable to SQL Injection
N/A
2023-09-19< 2.2.5
WordPress WPSchoolPress Plugin < 2.2.5 is vulnerable to Cross Site Request Forgery (CSRF)
N/A
2023-09-18< 2.2.5
WPSchoolPress <= 2.2.4 - Cross-Site Request Forgery
Medium 6.5
2024-12-13< 2.2.4
CVE-2023-37887
N/A
< 2.1.10
WPSchoolPress < 2.1.10 - Reflected Cross-Site Scripting
N/A
2021-10-11< 2.1.10
School Management System – WPSchoolPress < 2.1.10 - Reflected Cross-Site Scripting
N/A
2021-10-11< 2.1.10
WordPress WPSchoolPress plugin <= 2.1.9 - Reflected Cross-Site Scripting (XSS) vulnerability
Medium 4.8
2021-11-08< 2.1.17
CVE-2021-24664
High 8.8
2021-11-08< 2.1.10
CVE-2021-24575