RTMKit
Rometheme
Developer
2.0.6
Latest version
50,000
Installations
No date
Last updated
Vulnerability history
0 present
12 patched
4 Mitigation rules
- Reflected Cross-Site Scripting via 'themebuilder' Parameter vulnerability<= 1.6.811/03/2026
- Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates vulnerability<= 1.5.231/12/2025
- Authenticated (Contributor+) Stored Cross-Site Scripting via Accordion Repeater Block Attribute vulnerability<= 1.6.517/11/2025
- Arbitrary File Upload vulnerability<= 1.6.518/10/2025
- Cross Site Scripting (XSS) vulnerability<= 1.6.005/06/2025
- Arbitrary Plugin Installation/Activation to RCE vulnerability<= 1.5.427/03/2025
- Missing Authorization in save_options and reset_widgets vulnerability<= 1.5.308/03/2025
- Insecure Direct Object References (IDOR) vulnerability<= 1.6.714/02/2025
- Broken Access Control vulnerability<= 1.5.224/01/2025
- Cross Site Scripting (XSS) vulnerability<= 1.5.030/09/2024
- Broken Access Control vulnerability<= 1.4.129/04/2024
- Cross Site Scripting (XSS) vulnerability<= 1.4.122/04/2024