RTMKit
Rometheme
Developer
1.6.7
Latest version
40,000
Installations
Oct 24, 2025
Last updated
Vulnerability history
1 present
9 fixed
3 Mitigation rules
- Authenticated (Contributor+) Stored Cross-Site Scripting via Accordion Repeater Block Attribute vulnerability<= 1.6.519 hours ago
- Arbitrary File Upload vulnerability<= 1.6.5Oct 18, 2025
- Cross Site Scripting (XSS) vulnerability<= 1.6.0Jun 5, 2025
- Arbitrary Plugin Installation/Activation to RCE vulnerability<= 1.5.4Mar 27, 2025
- Missing Authorization in save_options and reset_widgets vulnerability<= 1.5.3Mar 8, 2025
- Insecure Direct Object References (IDOR) vulnerability<= 1.6.7Feb 14, 2025
- Broken Access Control vulnerability<= 1.5.2Jan 24, 2025
- Cross Site Scripting (XSS) vulnerability<= 1.5.0Sep 30, 2024
- Broken Access Control vulnerability<= 1.4.1Apr 29, 2024
- Cross Site Scripting (XSS) vulnerability<= 1.4.1Apr 22, 2024