CVE-2023-5939

Summary

The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 loads the contents of the import file in an unsafe manner, leading to remote code execution by privileged users.

Affected Software

VendorProductVersion RangeStatus
UnknownrtMedia for WordPress, BuddyPress and bbPress0 < 4.6.16affected

Weaknesses

  • CWE-94 Improper Control of Generation of Code ('Code Injection')

ADP Enrichment

CVE Program Container

Additional References

References