VYPR
Unrated severityNVD Advisory· Published Dec 26, 2023· Updated Aug 2, 2024

rtMedia for WordPress, BuddyPress and bbPress < 4.6.16 - Subscriber+ RCE

CVE-2023-5931

Description

The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 does not validate files to be uploaded, which could allow attackers with a low-privilege account (e.g. subscribers) to upload arbitrary files such as PHP on the server

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • WordPress/rtMedia for WordPress, BuddyPress and bbPress WordPress plugindescription
  • rtMedia/rtMediallm-fuzzy
    Range: <4.6.16

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.