- Description
- Improper Control of Generation of Code ('Code Injection') vulnerability in Rometheme RomethemeKit For Elementor allows Command Injection. This issue affects RomethemeKit For Elementor: from n/a through 1.5.4.
- Source
- audit@patchstack.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 9.9
- Impact score
- 6
- Exploitability score
- 3.1
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
- audit@patchstack.com
- CWE-94
- Hype score
- Not currently trending
Actively exploited CVE : CVE-2025-30911
@transilienceai
21 May 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Alerta crítica! Plugin #elementor de #wordpress CVE-2025-30911 con puntuación de 9.9 https://t.co/AcmpOInkcX
@informaticacosl
21 Apr 2025
158 Impressions
0 Retweets
2 Likes
2 Bookmarks
0 Replies
0 Quotes
⚡️The vulnerability details are now available: https://t.co/as8rhimzqF 🚨🚨CVE-2025-30911 (CVSS 9.9): RomethemeKit for Elementor flaw! The install_requirements() function, tied to wp_ajax_install_requirements, skips permission checks & nonce validation. Any authenticated htt
@zoomeye_team
19 Apr 2025
1058 Impressions
5 Retweets
16 Likes
5 Bookmarks
0 Replies
1 Quote
[CVE-2025-30911: CRITICAL] Vulnerability in RomethemeKit For Elementor allows Command Injection via Code Injection issue. Update affected versions from n/a to 1.5.4 for security.#cybersecurity,#vulnerability https://t.co/7s9OiS3L5F https://t.co/MHTw55JWam
@CveFindCom
1 Apr 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes