cleantalk
Vulnerabilities and Security Researches

rtMedia for WordPress, BuddyPress and bbPress, CVE-2023-5931

CVE, Research URL

CVE-2023-5931

Home page URL

Security reports for rtMedia for WordPress, BuddyPress and bbPress

Application

rtMedia for WordPress, BuddyPress and bbPress

Published on
Dec 27, 2023
Research Description
The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 does not validate files to be uploaded, which could allow attackers with a low-privilege account (e.g. subscribers) to upload arbitrary files such as PHP on the server
Affected versions
max 4.6.16.
Status
vulnerable
Previous vulnerability researches
rtMedia for WordPress, BuddyPress and bbPress (486aa334-badc-4af2-abe0-77904d768b90) , Jun 07, 2024
rtMedia for WordPress, BuddyPress and bbPress (CVE-2023-5931) , Jun 07, 2024
rtMedia for WordPress, BuddyPress and bbPress (CVE-2023-5939) , Jun 07, 2024
rtMedia for WordPress, BuddyPress and bbPress (CVE-2024-3293) , Jun 07, 2024
rtMedia for WordPress, BuddyPress and bbPress (CVE-2026-25325) , Feb 27, 2026
New vulnerability
Image Optimizer by Elementor – Compress, Resize and Optimize Images (CVE-2026-25387) , Feb 27, 2026
Printful Integration for WooCommerce (CVE-2025-12375) , Feb 27, 2026
PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes (CVE-2026-25322) , Feb 27, 2026
Page Builder Gutenberg Blocks – CoBlocks (CVE-2026-27094) , Feb 27, 2026
ElementsKit Elementor addons (CVE-2026-23693) , Feb 27, 2026