cleantalk
Vulnerabilities and Security Researches

Student Result or Employee Database, af2fead6-9f8e-4c00-ac50-440de969ca42

CVE, Research URL

af2fead6-9f8e-4c00-ac50-440de969ca42

Home page URL

Security reports for Student Result or Employee Database

Application

Student Result or Employee Database

Published on
-
Research Description
Student Result or Employee Database [simple-student-result] < 1.7.5 Student Result or Employee Database &lt; 1.8.0 - Unauthorised REST Calls The plugin has a flawed permission callback in its REST endpoints, allowing unauthenticated attackers to call them and add/edit/delete arbitrary student for example
Affected versions
max 1.7.5.
Status
vulnerable
Previous vulnerability researches
Student Result or Employee Database (4f89f73d790d9e6f578d23ebcad8884710e982f2) , Jun 16, 2026
Student Result or Employee Database (af2fead6-9f8e-4c00-ac50-440de969ca42) , Jun 16, 2026
Student Result or Employee Database (602eb53e67fc9a4dd6d8ee19c4a1966aade0d789) , Jun 16, 2026
Student Result or Employee Database (b924353f6fd68617f83ce8598055a099e3f42ae0) , Jun 16, 2026
Student Result or Employee Database (CVE-2017-14766) , Jun 07, 2024
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026