7 matches found
CVE-2024-33919
Missing Authorization vulnerability in Rometheme RomethemeKit For Elementor.This issue affects RomethemeKit For Elementor: from n/a through 1.4.1...
CVE-2025-30911
Improper Control of Generation of Code 'Code Injection' vulnerability in Rometheme RTMKit rometheme-for-elementor allows Command Injection.This issue affects RTMKit: from n/a through = 1.5.4...
PT-2025-14068 · Unknown · Romethemekit For Elementor
Name of the Vulnerable Software and Affected Versions: RomethemeKit For Elementor versions n/a through 1.5.4 Description: The issue is related to an Improper Control of Generation of Code 'Code Injection' vulnerability, which allows Command Injection. This problem affects over 30,000 active sites...
CVE-2025-24743
CVE-2025-24743 affects the WordPress plugin RomethemeKit For Elementor (RomethemeKit For Elementor), with versions up to 1.5.2 vulnerable due to Missing Authorization. The CVE is scored with a base CVSSv3.1 value of 4.3 (Network, Low privileges required, No user interaction; Confidentiality/Avail...
PT-2024-32683 · Unknown · Romethemekit For Elementor
Name of the Vulnerable Software and Affected Versions: RomethemeKit For Elementor versions 1.5.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendation...
WordPress RomethemeKit For Elementor Plugin <= 1.5.0 is vulnerable to Cross Site Scripting (XSS)
Software RomethemeKit For Elementor Type Plugin Vulnerable versions = 1.5.0 Fixed in 1.5.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47626 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 06f4df0cfc5f Credits Khalid Yusuf Required...
WordPress plugin RomethemeKit For Elementor 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...