Sensitive Data Exposure in rtCamp rtMedia for WordPress, BuddyPress, and bbPress
CVE-2026-25325

Currently unrated

Key Information:

Vendor

WordPress
Status
Rtmedia For WordPress, Buddypress And Bbpress
Vendor
CVE Published:
19 February 2026

What is CVE-2026-25325?

The rtCamp rtMedia plugin for WordPress, BuddyPress, and bbPress contains a vulnerability that allows unauthorized retrieval of sensitive embedded data. This issue affects versions up to and including 4.7.8, potentially exposing protected information to unauthorized parties. Users of these platforms should assess their installations for vulnerabilities and consider updates to maintain security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

rtMedia for WordPress, BuddyPress and bbPress <= n/a

References

https://patchstack.com/database/Wordpress/Plugin/buddypre...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Doan Dinh Van | Patchstack Bug Bounty Program
JSON
.