| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-12473 | RTMKit <= 1.6.8 - Reflected Cross-Site Scripting via 'themebuilder' Parameter | rometheme | RTMKit | Medium | 6.1 | 2026-03-11 01:22:05 | Deep Dive |
| CVE-2025-8609 | RTMKit Addons <= 1.6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Accordion Repeater Block Attribute | rometheme | RTMKit | Medium | 6.4 | 2025-11-18 08:27:35 | Deep Dive |
| CVE-2025-62065 | WordPress RTMKit plugin <= 1.6.5 - Arbitrary File Upload vulnerability | Rometheme | RTMKit | 中危 | - | 2025-11-06 15:55:53 | Deep Dive |
| CVE-2025-64283 | WordPress RTMKit plugin <= 1.6.7 - Insecure Direct Object References (IDOR) vulnerability | Rometheme | RTMKit | - | - | 2025-10-29 08:38:12 | Deep Dive |
| CVE-2025-49235 | WordPress RTMKit Addons for Elementor plugin <= 1.6.0 - Cross Site Scripting (XSS) vulnerability | Rometheme | RTMKit | Medium | 6.5 | 2025-06-06 12:53:32 | Deep Dive |
| CVE-2025-30911 | WordPress RomethemeKit For Elementor plugin <= 1.5.4 - Arbitrary Plugin Installation/Activation to RCE vulnerability | Rometheme | RTMKit | Critical | 9.9 | 2025-04-01 05:31:41 | Deep Dive |
| CVE-2024-10326 | RomethemeKit For Elementor <= 1.5.3 - Missing Authorization in save_options and reset_widgets | rometheme | RTMKit | Medium | 4.3 | 2025-03-08 12:21:31 | Deep Dive |
| CVE-2025-24743 | WordPress RomethemeKit For Elementor plugin <= 1.5.2 - Broken Access Control vulnerability | Rometheme | RTMKit | Medium | 4.3 | 2025-01-27 14:22:19 | Deep Dive |
| CVE-2024-10324 | RomethemeKit For Elementor <= 1.5.2 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates | rometheme | RTMKit | Medium | 4.3 | 2025-01-24 13:40:58 | Deep Dive |
| CVE-2024-47626 | WordPress RomethemeKit For Elementor plugin <= 1.5.0 - Cross Site Scripting (XSS) vulnerability | Rometheme | RTMKit | Medium | 6.5 | 2024-10-05 13:31:24 | Deep Dive |
| CVE-2024-32727 | WordPress RomethemeForm For Elementor plugin <= 1.1.2 - Broken Access Control vulnerability | Rometheme | RomethemeForm For Elementor | Medium | 5.3 | 2024-06-09 15:02:07 | Deep Dive |
| CVE-2023-6325 | RomethemeForm For Elementor <= 1.1.5 - Missing Authorization via export_entries, rtformnewform, and rtformupdate | rometheme | RTMForm Builder | Medium | 5.3 | 2024-05-23 04:30:54 | Deep Dive |
| CVE-2024-33919 | WordPress RomethemeKit For Elementor plugin <= 1.4.1 - Broken Access Control vulnerability | Rometheme | RomethemeKit For Elementor | Medium | 6.5 | 2024-05-03 08:31:49 | Deep Dive |
| CVE-2024-32956 | WordPress RomethemeKit For Elementor plugin <= 1.4.1 - Cross Site Scripting (XSS) vulnerability | Rometheme | RTMKit | Medium | 6.5 | 2024-04-24 08:23:04 | Deep Dive |