RTMKit
Rometheme
Developer
1.6.8
Latest version
40,000
Installations
Nov 24, 2025
Last updated
Vulnerability history
0 present
10 fixed
3 Mitigation rules
- Authenticated (Contributor+) Stored Cross-Site Scripting via Accordion Repeater Block Attribute vulnerability<= 1.6.5Nov 17, 2025
- Arbitrary File Upload vulnerability<= 1.6.5Oct 18, 2025
- Cross Site Scripting (XSS) vulnerability<= 1.6.0Jun 5, 2025
- Arbitrary Plugin Installation/Activation to RCE vulnerability<= 1.5.4Mar 27, 2025
- Missing Authorization in save_options and reset_widgets vulnerability<= 1.5.3Mar 8, 2025
- Insecure Direct Object References (IDOR) vulnerability<= 1.6.7Feb 14, 2025
- Broken Access Control vulnerability<= 1.5.2Jan 24, 2025
- Cross Site Scripting (XSS) vulnerability<= 1.5.0Sep 30, 2024
- Broken Access Control vulnerability<= 1.4.1Apr 29, 2024
- Cross Site Scripting (XSS) vulnerability<= 1.4.1Apr 22, 2024