Lucene search
HistoryDec 26, 2023 - 7:15 p.m.
CVE-2023-5939
cve-2023-5939
rtmedia
wordpress
buddypress
bbpress
plugin
remote code execution
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
43.2%
The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 loads the contents of the import file in an unsafe manner, leading to remote code execution by privileged users.
Affected configurations
Node
bbpressbbpressRange<4.6.16
CNA Affected
[
{
"vendor": "Unknown",
"product": "rtMedia for WordPress, BuddyPress and bbPress",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThan": "4.6.16"
}
],
"defaultStatus": "unaffected",
"collectionURL": "https://wordpress.org/plugins"
}
]Social References
More
Related
nvd
nvd
CVE-2023-5939
2023-12-26 19:15:08
wpvulndb
wpvulndb
rtMedia for WordPress, BuddyPress and bbPress < 4.6.16 - Admin+ RCE
2023-11-29 00:00:00
cvelist
cvelist
prion
prion
Remote code execution
2023-12-26 19:15:00
wpexploit
wpexploit
rtMedia for WordPress, BuddyPress and bbPress < 4.6.16 - Admin+ RCE
2023-11-29 00:00:00
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
43.2%
Related for CVE-2023-5939