CVE-2025-9218 in WordPress, BuddyPress and bbPress Plugin
Summary
by MITRE • 12/13/2025
The rtMedia for WordPress, BuddyPress and bbPress plugin for WordPress is vulnerable to to Information Disclosure due to missing authorization in the handle_rest_pre_dispatch() function when the Godam plugin is active, in versions 4.7.0 to 4.7.3. This makes it possible for unauthenticated attackers to retrieve media items associated with draft or private posts.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Analysis
by VulDB Data Team • 12/13/2025
The rtMedia plugin for WordPress represents a widely used multimedia management solution that integrates seamlessly with BuddyPress and bbPress platforms. This plugin enables users to upload, manage, and display various types of media content including images, videos, and audio files within social networking environments. The vulnerability exists specifically within the handle_rest_pre_dispatch() function which serves as a critical access control point for REST API endpoints. When the Godam plugin is active alongside rtMedia, this function fails to properly validate user permissions before processing media requests. The issue affects versions 4.7.0 through 4.7.3, creating a window of exposure where unauthorized parties can exploit the missing authorization checks.
The technical flaw stems from inadequate input validation and permission verification within the REST API handling mechanism. The handle_rest_pre_dispatch() function should enforce strict authentication and authorization protocols before allowing access to media resources, particularly those associated with draft or private posts. However, the implementation fails to properly verify whether the requesting user possesses the necessary privileges to access specific media items. This authorization bypass allows attackers to craft malicious requests that circumvent normal access controls, effectively granting them visibility into protected media content that should only be accessible to authorized users. The vulnerability operates at the application layer and leverages the WordPress REST API framework to execute unauthorized data retrieval operations.
The operational impact of this information disclosure vulnerability is significant for organizations relying on rtMedia for content management. Unauthenticated attackers can access sensitive media content that may include confidential documents, private communications, or proprietary materials. This exposure extends to draft posts and private media items that users expect to remain hidden from public view, potentially leading to data breaches, privacy violations, and compliance violations. The vulnerability affects not only individual users but also organizations that depend on these plugins for collaborative environments where private content sharing is essential. Attackers can systematically enumerate and retrieve media content, creating a comprehensive database of private information without requiring valid credentials or authentication.
Organizations should immediately update to the latest version of rtMedia plugin where this vulnerability has been addressed through proper authorization checks in the handle_rest_pre_dispatch() function. System administrators should implement network monitoring to detect unusual REST API access patterns and unauthorized media retrieval attempts. The vulnerability aligns with CWE-284 Access Control Issues, specifically focusing on insufficient authorization mechanisms that allow unauthorized access to protected resources. From an ATT&CK framework perspective, this vulnerability maps to T1213 Data from Information Repositories, as attackers can systematically extract sensitive media content from the repository. Additionally, it represents a T1078 Valid Accounts technique where unauthorized access is achieved through flawed permission controls rather than credential theft. Organizations should also conduct thorough security assessments of their WordPress installations to identify other potential authorization bypass vulnerabilities and implement proper security hardening measures including regular patch management, access control reviews, and security monitoring solutions to detect and prevent exploitation attempts.