ScholaBook – School Management Integration Security & Risk Analysis

wordpress.org/plugins/scholabook

Connect your school website to ScholaBook SaaS for fee lookup, receipts, attendance, holidays, notices, and a parent portal.

0 active installs · v1.0.0 · PHP 7.4+ · WP 6.2+ · Updated Apr 5, 2026
Tags: attendance, education, fees, parent-portal, school
Score: 100 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is ScholaBook – School Management Integration Safe to Use in 2026?

Generally Safe

Score 100/100

ScholaBook – School Management Integration has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1mo ago
Risk Assessment

The "scholabook" v1.0.0 plugin exhibits a generally strong security posture, particularly evident in its robust use of prepared statements for all SQL queries and excellent output escaping (98%). The absence of dangerous functions and file operations further contributes to its security. Furthermore, the plugin has no recorded historical vulnerabilities, which suggests a history of responsible development and security awareness.

However, the taint analysis reveals a significant concern: three flows with unsanitized paths were identified. The provided data does not classify these as critical or high severity, but an unsanitized path is a potential entry point for vulnerabilities, especially where it carries user-supplied input. In addition, although no entry points are flagged as unprotected, the large number of entry points (30 total) combined with the taint findings warrants careful attention. The limited number of capability checks (5) across these entry points could also be a minor area for review.

In conclusion, "scholabook" v1.0.0 demonstrates a good foundation with its secure coding practices for SQL and output. Nevertheless, the identified unsanitized paths in the taint analysis present a real, albeit unexploited or low-severity, risk that needs to be addressed to maintain a high level of security. The clean vulnerability history is a positive indicator, but the taint findings highlight a need for continued vigilance and code review.

Key Concerns

  • Taint flow with unsanitized path (3 instances)
Vulnerabilities
None known

ScholaBook – School Management Integration Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

ScholaBook – School Management Integration Release Timeline

v1.0.0 (Current)
Code Analysis
Analyzed Apr 16, 2026

ScholaBook – School Management Integration Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (16 prepared)
Unescaped Output: 5 (291 escaped)
Nonce Checks: 13
Capability Checks: 5
File Operations: 0
External Requests: 4
Bundled Libraries: 0

SQL Query Safety

100% prepared · 16 total queries

Output Escaping

98% escaped · 296 total outputs
Data Flows · Security
3 unsanitized

Data Flow Analysis

3 flows · 3 with unsanitized paths
authenticate_guardian (includes/class-scholabook.php:609)
Diagram legend: Source (user input) · Sink (dangerous op) · Sanitizer · Transform · Unsanitized · Sanitized
Attack Surface

ScholaBook – School Management Integration Attack Surface

Entry Points: 30
Unprotected: 0

AJAX Handlers 19

auth    wp_ajax_scholabook_test_connection    includes/class-scholabook.php:210
nopriv  wp_ajax_scholabook_request_otp        includes/class-scholabook.php:213
auth    wp_ajax_scholabook_request_otp        includes/class-scholabook.php:214
nopriv  wp_ajax_scholabook_verify_otp         includes/class-scholabook.php:215
auth    wp_ajax_scholabook_verify_otp         includes/class-scholabook.php:216
nopriv  wp_ajax_scholabook_password_login     includes/class-scholabook.php:217
auth    wp_ajax_scholabook_password_login     includes/class-scholabook.php:218
nopriv  wp_ajax_scholabook_guardian_logout    includes/class-scholabook.php:219
auth    wp_ajax_scholabook_guardian_logout    includes/class-scholabook.php:220
nopriv  wp_ajax_scholabook_fee_lookup         includes/class-scholabook.php:223
auth    wp_ajax_scholabook_fee_lookup         includes/class-scholabook.php:224
nopriv  wp_ajax_scholabook_portal_data        includes/class-scholabook.php:227
auth    wp_ajax_scholabook_portal_data        includes/class-scholabook.php:228
nopriv  wp_ajax_scholabook_leave_apply        includes/class-scholabook.php:231
auth    wp_ajax_scholabook_leave_apply        includes/class-scholabook.php:232
nopriv  wp_ajax_scholabook_leave_cancel       includes/class-scholabook.php:233
auth    wp_ajax_scholabook_leave_cancel       includes/class-scholabook.php:234
nopriv  wp_ajax_scholabook_receipt_download   includes/class-scholabook.php:237
auth    wp_ajax_scholabook_receipt_download   includes/class-scholabook.php:238

REST API Routes 1

POST    /wp-json/scholabook/v1/cache/invalidate    includes/class-scholabook.php:750

Shortcodes 10

[scholabook_attendance] includes/Modules/Attendance/class-attendance-shortcode.php:23
[scholabook_fee_lookup] includes/Modules/Fees/class-fee-lookup-shortcode.php:21
[scholabook_fee_receipts] includes/Modules/Fees/class-fee-receipt-shortcode.php:23
[scholabook_fee_summary] includes/Modules/Fees/class-fee-summary-shortcode.php:23
[scholabook_holidays] includes/Modules/Holidays/class-holidays-shortcode.php:21
[scholabook_notices] includes/Modules/Notices/class-notices-shortcode.php:21
[scholabook_guardian_dashboard] includes/Modules/Portal/class-guardian-dashboard-shortcode.php:23
[scholabook_guardian_login] includes/Modules/Portal/class-guardian-login-shortcode.php:30
[scholabook_portal] includes/Modules/Portal/class-portal-shortcode.php:26
[scholabook_school_info] includes/Modules/SchoolInfo/class-school-info-shortcode.php:21

WordPress Hooks 9

action  admin_menu                includes/Admin/class-admin-menu.php:18
action  admin_init                includes/Admin/class-admin-menu.php:19
action  widgets_init              includes/Modules/SchoolInfo/class-school-info-module.php:24
action  wp_enqueue_scripts        includes/class-scholabook.php:93
action  admin_enqueue_scripts     includes/class-scholabook.php:94
action  rest_api_init             includes/class-scholabook.php:100
action  scholabook_prune_api_log  includes/class-scholabook.php:103
action  admin_notices             scholabook.php:83
action  plugins_loaded            scholabook.php:104

Scheduled Events 1

scholabook_prune_api_log
Maintenance & Trust

ScholaBook – School Management Integration Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Apr 5, 2026
PHP min version: 7.4
Downloads: 56

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

ScholaBook – School Management Integration Developer Profile

scholabook

1 plugin · 0 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect ScholaBook – School Management Integration

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/scholabook/public/js/fee-lookup.js
  • /wp-content/plugins/scholabook/public/js/guardian-auth.js
  • /wp-content/plugins/scholabook/public/css/scholabook-public.css
  • /wp-content/plugins/scholabook/public/js/scholabook-public.js
Script Paths
  • /wp-content/plugins/scholabook/public/js/fee-lookup.js
  • /wp-content/plugins/scholabook/public/js/guardian-auth.js
  • /wp-content/plugins/scholabook/public/js/scholabook-public.js
Version Parameters
  • scholabook/public/js/fee-lookup.js?ver=
  • scholabook/public/js/guardian-auth.js?ver=
  • scholabook/public/css/scholabook-public.css?ver=
  • scholabook/public/js/scholabook-public.js?ver=

HTML / DOM Fingerprints

CSS Classes
  • sb-container
  • sb-login-required
  • sb-login-authenticated
JS Globals
  • scholabook_data
REST Endpoints
  • /wp-json/scholabook/v1/auth/login
  • /wp-json/scholabook/v1/auth/logout
  • /wp-json/scholabook/v1/auth/session
  • /wp-json/scholabook/v1/students
  • /wp-json/scholabook/v1/students/%d/fees/summary
  • /wp-json/scholabook/v1/students/%d/attendance/summary
Shortcode Output
  • <p>Please log in to access the parent portal.</p>
  • <a href="#scholabook-login">Login</a>
  • <p>No students linked to your account.</p>
  • <p>You are already logged in.</p>
FAQ

Frequently Asked Questions about ScholaBook – School Management Integration