Unrated severityNVD Advisory· Published Dec 26, 2023· Updated Aug 2, 2024
rtMedia for WordPress, BuddyPress and bbPress < 4.6.16 - Subscriber+ RCE
CVE-2023-5931
Description
The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 does not validate files to be uploaded, which could allow attackers with a low-privilege account (e.g. subscribers) to upload arbitrary files such as PHP on the server
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/rtMedia for WordPress, BuddyPress and bbPress WordPress plugindescription
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/3d6889e3-a01b-4e7f-868f-af7cc8c7531amitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.