Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-5939 | 1 Rtcamp | 1 Rtmedia | 2024-02-28 | N/A | 7.2 HIGH |
| The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 loads the contents of the import file in an unsafe manner, leading to remote code execution by privileged users. | |||||
| CVE-2023-5931 | 1 Rtcamp | 1 Rtmedia | 2024-02-28 | N/A | 8.8 HIGH |
| The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 does not validate files to be uploaded, which could allow attackers with a low-privilege account (e.g. subscribers) to upload arbitrary files such as PHP on the server | |||||