PT-2024-13018 · WordPress · Rtmedia
Thiennv
·
Published
2024-12-13
·
Updated
2024-12-17
·
CVE-2023-41951
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
rtMedia for WordPress, BuddyPress and bbPress versions through 4.6.14
Description
The issue affects the access control security levels in rtMedia for WordPress, BuddyPress, and bbPress, allowing exploitation due to incorrectly configured security levels. This involves broken access control, which is a high-severity vulnerability. Remediation is crucial to protect WordPress sites.
Recommendations
For versions through 4.6.14, update to the latest version to protect your WordPress site and ensure security. As a temporary workaround, consider restricting access to vulnerable components until a patch is available. Ensure you patch your systems to prevent exploitation of the broken access control vulnerability.
Fix
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Rtmedia