Browse all 14 CVE security advisories affecting rometheme. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Rometheme is a WordPress theme provider offering customizable templates for websites, primarily targeting small businesses and personal blogs. Historically, the platform has been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities, contributing to its 14 CVE count. Security researchers have identified consistent flaws in input validation and access controls, with some instances allowing complete site compromise. While no major public breaches have been widely documented, the cumulative CVE history suggests ongoing challenges in secure coding practices, particularly in file handling and user permission management.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-6325 | RomethemeForm For Elementor <= 1.1.5 - Missing Authorization via export_entries, rtformnewform, and rtformupdate — RTMForm BuilderCWE-862 | 5.3 | Medium | 2024-05-23 |
This page lists every published CVE security advisory associated with rometheme. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.