Filtered by vendor Rtcamp Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-5939 1 Rtcamp 1 Rtmedia 2024-11-21 7.2 High
The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 loads the contents of the import file in an unsafe manner, leading to remote code execution by privileged users.
CVE-2023-5931 1 Rtcamp 1 Rtmedia 2024-11-21 8.8 High
The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 does not validate files to be uploaded, which could allow attackers with a low-privilege account (e.g. subscribers) to upload arbitrary files such as PHP on the server