RomethemeKit For Elementor < 1.5.5 – Authenticated (Subscriber+) Arbitrary Plugin Installation/Activation | CVE 2025-30911 | Plugin Vulnerabilities

Description

The RomethemeKit For Elementor plugin for WordPress is vulnerable to arbitrary plugin installations due to a missing capability check in all versions up to, and including, 1.5.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install arbitrary plugins on the affected site's server which may make remote code execution possible.

Affects Plugins

rometheme-for-elementor

Fixed in 1.5.5

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/1f376368-3a1f-4c8a-b14d-142b20f5e57c

Classification

Type

NO AUTHORISATION

OWASP top 10

A5: Broken Access Control

CWE

CVSS

Miscellaneous

Original Researcher

Rafie Muhammad

Verified

No

WPVDB ID

fe24da20-1622-4e18-a885-2826dd9e95b6

Timeline

Publicly Published

2025-03-27 (about 1 year ago)

Added

2025-04-03 (about 1 year ago)

Last Updated

2025-04-03 (about 1 year ago)

Other

Published

Title

Published

2023-10-19

Title

WP EXtra < 6.3 - Missing Authorization to Export Settings

Published

2023-07-25

Title

Ninja Forms < 3.6.26 - Contributor+ Form Entries Export

Published

2024-04-30

Title

The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid < 7.7.0 - Missing Authorization

Published

2023-06-05

Title

KiviCare Management System < 3.2.1 - Subscriber+ Unauthorised AJAX Calls

Published

2025-11-18

Title

Chat Help < 3.1.4 - Unauthenticated Sensitive Information Exposure