rtMedia for WordPress, BuddyPress and bbPress

Vulnerabilities 20Slug buddypress-mediaLatest version 4.7.10WordPress.org →

Minimum safe version

4.7.10

Update to 4.7.10 or later to address 20 fixable vulnerabilities

Latest available4.7.10
N/A
2026-04-21< 4.7.10

rtMedia for WordPress, BuddyPress and bbPress <= 4.7.9 - Missing Authorization

WordfenceCVE
Low 3.7
2025-12-13< 4.7.4

rtMedia for WordPress, BuddyPress and bbPress 4.7.0 - 4.7.3 - Missing Authorization to Unauthenticated Information Disclosure via handle_rest_pre_dispatch Function

EUVDWordfenceCVE
N/A
2024-04-29< 4.6.19

WordPress rtMedia for WordPress, BuddyPress and bbPress Plugin <= 4.6.18 is vulnerable to SQL Injection

Patchstack
N/A
2024-04-29< 4.6.19

rtMedia for WordPress, BuddyPress and bbPress <= 4.6.18 - Authenticated (Subscriber+) SQL Injection

Wordfence
N/A
< 4.6.15

rtMedia for WordPress, BuddyPress and bbPress &lt; 4.6.15 - Missing Authorization to Settings Update

WPScan
N/A
< 4.6.15

rtMedia for WordPress, BuddyPress and bbPress &lt; 4.6.15 - Missing Authorization to Sensitive Information Exposure

WPScan
N/A
2023-09-04< 4.6.15

rtMedia for WordPress, BuddyPress and bbPress <= 4.6.14 - Missing Authorization to Sensitive Information Exposure

Wordfence
N/A
2023-09-04< 4.6.15

rtMedia for WordPress, BuddyPress and bbPress <= 4.6.14 - Missing Authorization to Settings Update

Wordfence
N/A
2014-11-24< 3.7.19

rtMedia for WordPress, BuddyPress and bbPress <= 3.9.5 - Local File Inclusion

Wordfence
N/A
2015-04-28< 3.7.40

rtMedia for WordPress, BuddyPress and bbPress < 3.7.40 - SQL Injection

Wordfence
N/A
2016-01-28< 3.10.2

rtMedia for WordPress, BuddyPress and bbPress <= 3.10.1 - Cross-Site Scripting

Wordfence
N/A
2016-12-21< 4.2.1

rtMedia for WordPress, BuddyPress and bbPress <= 4.2 - Arbitary File Upload

Wordfence
N/A
< 3.7.40

wpscan.com

WPScan
N/A
< 3.10.2

wpscan.com

WPScan
N/A
< 4.2.1

trMedia for WordPress &lt;= 4.2 - Unspecified Issues

WPScan