Vulnerabilidades em rometheme
17 resultadosCVE-2025-30911CRITICALWordPress RomethemeKit For Elementor plugin <= 1.5.4 - Arbitrary Plugin Installation/Activation to RCE vulnerabilityEPSS 1.7%CVE-2026-3425HIGHRTMKit Addons for Elementor <= 2.0.2 - Authenticated (Author+) Local File Inclusion via 'path'EPSS 0.6%CVE-2024-33919MEDIUMWordPress RomethemeKit For Elementor plugin <= 1.4.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-6325MEDIUMRomethemeForm For Elementor <= 1.1.5 - Missing Authorization via export_entries, rtformnewform, and rtformupdateEPSS 0.4%CVE-2024-10326MEDIUMRomethemeKit For Elementor <= 1.5.3 - Missing Authorization in save_options and reset_widgetsEPSS 0.3%CVE-2024-32956MEDIUMWordPress RomethemeKit For Elementor plugin <= 1.4.1 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2024-32727MEDIUMWordPress RomethemeForm For Elementor plugin <= 1.1.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-3426MEDIUMRTMKit Addons for Elementor <= 2.0.2 - Authenticated (Author+) Missing Authorization to Widget Configuration ModificationEPSS 0.3%CVE-2025-62065CRITICALWordPress RTMKit plugin <= 1.6.5 - Arbitrary File Upload vulnerabilityEPSS 0.3%CVE-2024-10324MEDIUMRomethemeKit For Elementor <= 1.5.2 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor TemplatesEPSS 0.3%CVE-2025-24743MEDIUMWordPress RomethemeKit For Elementor plugin <= 1.5.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-5149MEDIUMRTMKit <= 2.0.7 - Authenticated (Contributor+) Missing Authorization to Arbitrary Form Submission Access via 'entries_id' ParameterEPSS 0.2%CVE-2024-47626MEDIUMWordPress RomethemeKit For Elementor plugin <= 1.5.0 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-64283MEDIUMWordPress RTMKit plugin <= 1.6.7 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.2%CVE-2025-12473MEDIUMRTMKit <= 1.6.8 - Reflected Cross-Site Scripting via 'themebuilder' ParameterEPSS 0.2%CVE-2025-49235MEDIUMWordPress RTMKit Addons for Elementor plugin <= 1.6.0 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-8609MEDIUMRTMKit Addons <= 1.6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Accordion Repeater Block AttributeEPSS 0.2%