Blind SQL Injection Vulnerability in rtMedia Plugin Affects Sensitive Data
CVE-2024-3293

8.8HIGH

Key Information:

Vendor: Wordpress
Status: Rtmedia For WordPress, Buddypress And Bbpress
Vendor: CVE Published:; 23 April 2024

Badges

👾 Exploit Exists

Summary

The rtMedia for WordPress plugin, which supports BuddyPress and bbPress, has a vulnerability that allows for blind SQL Injection. This occurs through the rtmedia_gallery shortcode owing to inadequate escaping of user-supplied parameters and insufficient query preparation. As a result, authenticated attackers with contributor-level access or higher can inject additional SQL queries into existing ones, which may lead to unauthorized access to sensitive database information. This security flaw emphasizes the importance of proper input validation and secure coding practices in WordPress plugin development.

Affected Version(s)

rtMedia for WordPress, BuddyPress and bbPress * <= 4.6.18

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...

https://plugins.trac.wordpress.org/changeset/3071359/budd...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

🟡
Public PoC available
May 30, 2024
👾
Exploit known to exist
May 30, 2024
Vulnerability published
Apr 23, 2024

Credit

Krzysztof Zając