A vulnerability classified as critical has been found in dasinfomedia School Management System Plugin up to 91.5.0 on WordPress. This affects the function
mj_smgt_load_documets_new/mj_smgt_load_documets
. The manipulation leads to unrestricted upload.
This vulnerability is uniquely identified as CVE-2024-9660. It is possible to initiate the attack remotely. There is no exploit available.