Live Vulnerability Intelligence
Threat Database
Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.
Threat Entry
Updated 2026-04-15
CVE-2026-25325 - rtMedia for WordPress, BuddyPress and bbPress Plugin
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in rtCamp rtMedia for WordPress, BuddyPress and bbPress buddypress-media allows Retrieve Embedded Sensitive Data.This issue affects rtMedia for WordPress, BuddyPress and bbPress: from n/a through
PLUGIN
rtMedia for WordPress, BuddyPress and bbPress
CVE-2026-25325
Risk Score
Threat Entry
Updated 2024-12-13
CVE-2023-41951 - rtMedia for WordPress, BuddyPress and bbPress Plugin
Missing Authorization vulnerability in rtCamp rtMedia for WordPress, BuddyPress and bbPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects rtMedia for WordPress, BuddyPress and bbPress: from n/a through 4.6.14.
PLUGIN
rtMedia for WordPress, BuddyPress and bbPress
CVE-2023-41951
Risk Score
Threat Entry
Updated 2024-11-21
CVE-2024-3293 - rtMedia for WordPress, BuddyPress and bbPress Plugin
The rtMedia for WordPress, BuddyPress and bbPress plugin for WordPress is vulnerable to blind SQL Injection via the rtmedia_gallery shortcode in all versions up to, and including, 4.6.18 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
PLUGIN
rtMedia for WordPress, BuddyPress and bbPress
CVE-2024-3293
Risk Score