Major security issues with rtMedia


#1

It looks like if we use rtMedia plugin then security of website has to be compromise.

In View Source Code : that is “Ctrl + U” mode it shows unnecessary website information to hackers like as follows :

var rtmedia_ajax_url = “https://www.example.com/wp-admin/admin-ajax.php”; var rtm_wp_version = “4.9.4”;

Note : Here if you will change name of wp-admin with Rewrite rule then that that name will get appear so automatically making Rewrite rule useless.

this is just examples… I was surprise with such a plugin having such a bad security issues.

Expecting that in next update - security issues will be updated.

Thanks & Best Regards, Dev


#2

Hello @dev_endra,

Could you please specify if you are facing issue particularly due to this WP version variable or ajax URL details?

Looking forward to your reply.

Thanks,


#3