rtMedia for WordPress, BuddyPress and bbPress

Wordfence Intelligence   >   Vulnerability Database   >   WordPress Plugins   >   rtMedia for WordPress, BuddyPress and bbPress

Information

Software Type Plugin
Software Slug buddypress-media (view on wordpress.org)
Software Status Active
Software Author rtcamp
Software Website rtmedia.io
Software Downloads 1,186,695
Software Active Installs 10,000
Software Record Last Updated September 30, 2023

7 vulnerabilities

rtMedia for WordPress, BuddyPress and bbPress <= 4.6.14 - Missing Authorization via export_settings
4.3
CVE-2023-41951
Sep 6, 2023
Researcher: thiennv
rtMedia for WordPress, BuddyPress and bbPress <= 4.6.14 - Missing Authorization to Sensitive Information Exposure
4.3
CVE ID Unknown
Sep 4, 2023
Researchers:
rtMedia for WordPress, BuddyPress and bbPress <= 4.6.14 - Missing Authorization to Settings Update
4.3
CVE ID Unknown
Sep 4, 2023
Researchers:
rtMedia for WordPress, BuddyPress and bbPress <= 4.2 - Arbitary File Upload
9.8
CVE ID Unknown
Dec 21, 2016
Researcher: James Golovich
rtMedia for WordPress, BuddyPress and bbPress <= 3.10.1 - Cross-Site Scripting
6.1
CVE ID Unknown
Jan 28, 2016
Researcher: Brajesh
rtMedia for WordPress, BuddyPress and bbPress < 3.7.40 - SQL Injection
9.8
CVE ID Unknown
Apr 28, 2015
Researcher: James Hooker
rtMedia for WordPress, BuddyPress and bbPress < 3.7.19 - Local File Inclusion
8.8
CVE ID Unknown
Nov 24, 2014
Researchers:
Title CVE ID CVSS Researchers Date
rtMedia for WordPress, BuddyPress and bbPress <= 4.6.14 - Missing Authorization via export_settings CVE-2023-41951 4.3 thiennv September 6, 2023
rtMedia for WordPress, BuddyPress and bbPress <= 4.6.14 - Missing Authorization to Sensitive Information Exposure 4.3 September 4, 2023
rtMedia for WordPress, BuddyPress and bbPress <= 4.6.14 - Missing Authorization to Settings Update 4.3 September 4, 2023
rtMedia for WordPress, BuddyPress and bbPress <= 4.2 - Arbitary File Upload 9.8 James Golovich December 21, 2016
rtMedia for WordPress, BuddyPress and bbPress <= 3.10.1 - Cross-Site Scripting 6.1 Brajesh January 28, 2016
rtMedia for WordPress, BuddyPress and bbPress < 3.7.40 - SQL Injection 9.8 James Hooker April 28, 2015
rtMedia for WordPress, BuddyPress and bbPress < 3.7.19 - Local File Inclusion 8.8 November 24, 2014

All the threat data shared in this database is powered by Wordfence Intelligence Enterprise.
Interested in integrating this data into your platform or network?
Contact us now to discuss API access to our Wordfence Intelligence Enterprise Data Feeds.

Inquire Now

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation