CVE Catalog
CVE-2026-40773
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk0.28%
19th percentile — higher than 19% of all known CVEs
Summary
Versions of rtMedia for WordPress, BuddyPress, and bbPress up to 4.7.9 have a vulnerability in access control that may allow unauthorized subscribers to access resources.
Risk Assessment
Organizations may be exposed to unauthorized access to user data, potentially leading to privacy breaches and loss of trust.
Recommendation
It is recommended to update rtMedia to the latest version to mitigate this security vulnerability.
Original NVD description (English source)
Subscriber Broken Access Control in rtMedia for WordPress, BuddyPress and bbPress <= 4.7.9 versions.

