📄 WordPress RomethemeKit for Elementor 1.5.4 Privilege Escalation

Proof of concept exploit for an unauthorized privilege escalation vulnerability in WordPress RomethemeKit for Elementor plugin version 1.5.4 ============================================================================================================================================= | Title :...

EUVD-2024-54129

Malicious code in bioql PyPI...

EUVD-2025-9078

Malicious code in bioql PyPI...

EUVD-2025-3933

Malicious code in bioql PyPI...

EUVD-2024-34500

Malicious code in bioql PyPI...

EUVD-2024-30718

Malicious code in bioql PyPI...

CVE-2025-24743

Missing Authorization vulnerability in Rometheme RTMKit rometheme-for-elementor.This issue affects RTMKit: from n/a through = 1.5.2...

CVE-2024-32956

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rometheme RTMKit rometheme-for-elementor.This issue affects RTMKit: from n/a through = 1.4.1...

CVE-2024-33919

Missing Authorization vulnerability in Rometheme RomethemeKit For Elementor.This issue affects RomethemeKit For Elementor: from n/a through 1.4.1...

CVE-2024-10324

The RomethemeKit For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.5.2 via the registercontrols function in widgets/offcanvas-rometheme.php. This makes it possible for authenticated attackers, with Contributor-level access a...

Exploit for CVE-2025-30911

Exploit for CVE-2025-30911 – WordPress RomethemeKit = 1.5.4...

WordPress RomethemeKit for Elementor 1.5.4 Arbitrary Plugin Installation

WordPress RomethemeKit For Elementor plugin versions 1.5.4 and below suffer from an authenticated arbitrary plugin installation and activation vulnerability that can lead to remote code execution...

CVE-2025-30911

Improper Control of Generation of Code 'Code Injection' vulnerability in Rometheme RTMKit rometheme-for-elementor allows Command Injection.This issue affects RTMKit: from n/a through = 1.5.4...

CVE-2025-30911

Improper Control of Generation of Code 'Code Injection' vulnerability in Rometheme RTMKit rometheme-for-elementor allows Command Injection.This issue affects RTMKit: from n/a through = 1.5.4...

CVE-2025-30911 WordPress RomethemeKit For Elementor plugin <= 1.5.4 - Arbitrary Plugin Installation/Activation to RCE vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Rometheme RTMKit rometheme-for-elementor allows Command Injection.This issue affects RTMKit: from n/a through = 1.5.4...

CVE-2025-30911

The CVE-2025-30911 vulnerability affects the WordPress plugin RomethemeKit For Elementor (versions

CVE-2025-30911 WordPress RomethemeKit For Elementor plugin <= 1.5.4 - Arbitrary Plugin Installation/Activation to RCE vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Rometheme RTMKit rometheme-for-elementor allows Command Injection.This issue affects RTMKit: from n/a through = 1.5.4...

PT-2025-14068 · Unknown · Romethemekit For Elementor

Name of the Vulnerable Software and Affected Versions: RomethemeKit For Elementor versions n/a through 1.5.4 Description: The issue is related to an Improper Control of Generation of Code 'Code Injection' vulnerability, which allows Command Injection. This problem affects over 30,000 active sites...

WordPress plugin RomethemeKit For Elementor 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...

WordPress RomethemeKit For Elementor plugin <= 1.5.4 - Arbitrary Plugin Installation/Activation to RCE vulnerability

Arbitrary Plugin Installation/Activation to RCE vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin RTMKit versions = 1.5.4...