Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

rtCamp — Vulnerabilities & Security Advisories 8

Browse all 8 CVE security advisories affecting rtCamp. AI-powered Chinese analysis, POCs, and references for each vulnerability.

rtCamp specializes in WordPress development and managed hosting services, with 7 CVEs primarily involving stored cross-site scripting (XSS) and remote code execution (RCE) vulnerabilities in their plugins. Historically, their security issues have centered on insufficient input validation and improper access controls, leading to privilege escalation risks. While no major public security incidents have been documented, their CVE history reflects common WordPress ecosystem weaknesses. The company maintains standard security practices but has faced recurring issues related to sanitization and authentication in their software offerings, requiring regular updates to address newly discovered flaws in their development tools and hosting platforms.

CVE IDTitleCVSSSeverityPublished
CVE-2026-15287 rtMedia for WordPress, BuddyPress and bbPress <= 4.6.18 - Authenticated (Subscriber+) SQL Injection — rtMedia for WordPress, BuddyPress and bbPressCWE-89 6.5 Medium2026-07-10
CVE-2026-25325 WordPress rtMedia for WordPress, BuddyPress and bbPress plugin <= 4.7.8 - Sensitive Data Exposure vulnerability — rtMedia for WordPress, BuddyPress and bbPressCWE-497 5.3 Medium2026-02-19
CVE-2025-9218 rtMedia for WordPress, BuddyPress and bbPress 4.7.0 - 4.7.3 - Missing Authorization to Unauthenticated Information Disclosure via handle_rest_pre_dispatch Function — rtMedia for WordPress, BuddyPress and bbPressCWE-862 3.7 Low2025-12-13
CVE-2025-67584 WordPress GoDAM plugin <= 1.4.6 - Broken Access Control vulnerability — GoDAMCWE-862 5.3 Medium2025-12-09
CVE-2025-58209 WordPress Transcoder Plugin <= 1.4.0 - Cross Site Scripting (XSS) Vulnerability — TranscoderCWE-79 6.5 Medium2025-08-27
CVE-2023-41951 WordPress rtMedia for WordPress, BuddyPress and bbPress plugin <= 4.6.14 - Broken Access Control vulnerability — rtMedia for WordPress, BuddyPress and bbPressCWE-862 4.3 Medium2024-12-13
CVE-2024-3293 rtMedia for WordPress, BuddyPress and bbPress <= 4.6.18 - Authenticated (Contributor+) SQL Injection via rtmedia_gallery Shortcode — rtMedia for WordPress, BuddyPress and bbPressCWE-89 8.8 High2024-04-23
CVE-2024-31305 WordPress Transcoder plugin <= 1.3.5 - Cross Site Request Forgery (CSRF) vulnerability — TranscoderCWE-352 4.3 Medium2024-04-12

This page lists every published CVE security advisory associated with rtCamp. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.