Rtcamp: >> Rtmedia >> 1.0 Security Vulnerabilities
The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 does not validate files to be uploaded, which could allow attackers with a low-privilege account (e.g. subscribers) to upload arbitrary files such as PHP on the server
CVSS Score
8.8
EPSS Score
0.003
Published
2023-12-26
The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 loads the contents of the import file in an unsafe manner, leading to remote code execution by privileged users.
CVSS Score
7.2
EPSS Score
0.035
Published
2023-12-26