CVE-2023-5939 : The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16

The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 loads the contents of the import file in an unsafe manner, leading to remote code execution by privileged users.

Published 2023-12-26 19:15:08

Updated 2024-01-04 18:41:13

Source WPScan

View at NVD, CVE.org

Vulnerability category: Execute code

Products affected by CVE-2023-5939

Rtcamp » Rtmedia » For Wordpress
Versions before (<) 4.6.16
cpe:2.3:a:rtcamp:rtmedia:*:*:*:*:*:wordpress:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2023-5939

EPSS FAQ

6.26%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 90 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-5939

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.2	HIGH	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	1.2	5.9	NIST	2024-01-04
Attack Vector: Network Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

References for CVE-2023-5939

https://wpscan.com/vulnerability/db5d41fc-bcd3-414f-aa99-54d5537007bc

Just a moment...
Exploit;Third Party Advisory

Jump to

Vulnerability Details : CVE-2023-5939

Products affected by CVE-2023-5939

Exploit prediction scoring system (EPSS) score for CVE-2023-5939

CVSS scores for CVE-2023-5939

References for CVE-2023-5939