CVE-2023-5939

EUVD-2023-58211
The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 loads the contents of the import file in an unsafe manner, leading to remote code execution by privileged users.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 87%
Affected Products (NVD)
VendorProductVersion
rtcamprtmedia
𝑥
< 4.6.16
𝑥
= Vulnerable software versions
References
https://wpscan.com/vulnerability/db5d41fc-bcd3-414f-aa99-54d5537007bc
https://wpscan.com/vulnerability/db5d41fc-bcd3-414f-aa99-54d5537007bc