← Back to CVE List
CVE-2023-5931
The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 does not validate files to be uploaded, which could allow attackers with a low-privilege account (e.g. subscribers) to upload arbitrary files such as PHP on the server
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt