cleantalk
Vulnerabilities and Security Researches

rtMedia for WordPress, BuddyPress and bbPress, CVE-2023-5939

CVE, Research URL

CVE-2023-5939

Home page URL

Security reports for rtMedia for WordPress, BuddyPress and bbPress

Application

rtMedia for WordPress, BuddyPress and bbPress

Published on
Dec 27, 2023
Research Description
The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 loads the contents of the import file in an unsafe manner, leading to remote code execution by privileged users.
Affected versions
max 4.6.15.
Status
vulnerable
Previous vulnerability researches
rtMedia for WordPress, BuddyPress and bbPress (486aa334-badc-4af2-abe0-77904d768b90) , Jun 07, 2024
rtMedia for WordPress, BuddyPress and bbPress (CVE-2023-5931) , Jun 07, 2024
rtMedia for WordPress, BuddyPress and bbPress (CVE-2023-5939) , Jun 07, 2024
rtMedia for WordPress, BuddyPress and bbPress (CVE-2024-3293) , Jun 07, 2024
rtMedia for WordPress, BuddyPress and bbPress (CVE-2026-25325) , Feb 27, 2026
New vulnerability
Image Optimizer by Elementor – Compress, Resize and Optimize Images (CVE-2026-25387) , Feb 27, 2026
Printful Integration for WooCommerce (CVE-2025-12375) , Feb 27, 2026
PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes (CVE-2026-25322) , Feb 27, 2026
Page Builder Gutenberg Blocks – CoBlocks (CVE-2026-27094) , Feb 27, 2026
ElementsKit Elementor addons (CVE-2026-23693) , Feb 27, 2026