2 matches found
CVE-2023-5931
The CVE-2023-5931 affects the rtMedia plugin for WordPress, BuddyPress and bbPress (pre-4.6.16). The issue stems from missing validation of uploaded files, enabling a low-privilege user (e.g., subscriber) to upload arbitrary files such as PHP, potentially leading to remote code execution (RCE). P...
CVE-2023-5939
The vulnerability CVE-2023-5939 affects the rtMedia for WordPress, BuddyPress and bbPress plugin prior to version 4.6.16. The issue arises because the plugin loads the contents of an import file in an unsafe manner, enabling remote code execution by privileged users. Impact is remote code executi...