CVE Catalog

CVE-2026-40773

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.28%

19th percentile — higher than 19% of all known CVEs

Summary

Versions of rtMedia for WordPress, BuddyPress, and bbPress up to 4.7.9 have a vulnerability in access control that may allow unauthorized subscribers to access resources.

Risk Assessment

Organizations may be exposed to unauthorized access to user data, potentially leading to privacy breaches and loss of trust.

Recommendation

It is recommended to update rtMedia to the latest version to mitigate this security vulnerability.

Original NVD description (English source)

Subscriber Broken Access Control in rtMedia for WordPress, BuddyPress and bbPress <= 4.7.9 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS