CVE-2023-5939

The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 loads the contents of the import file in an unsafe manner, leading to remote code execution by privileged users.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
WPScanCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 87%
VendorProductVersion
rtcamprtmedia
𝑥
< 4.6.16
𝑥
= Vulnerable software versions
References
https://wpscan.com/vulnerability/db5d41fc-bcd3-414f-aa99-54d5537007bc
https://wpscan.com/vulnerability/db5d41fc-bcd3-414f-aa99-54d5537007bc