CVE-2025-30911

Published Apr 1, 2025

Last updated 4 days ago

CVSS critical 9.9

Overview

Description: Improper Control of Generation of Code ('Code Injection') vulnerability in Rometheme RomethemeKit For Elementor allows Command Injection. This issue affects RomethemeKit For Elementor: from n/a through 1.5.4.
Source: audit@patchstack.com
NVD status: Awaiting Analysis

Risk scores

CVSS 3.1

Type: Secondary
Base score: 9.9
Impact score: 6
Exploitability score: 3.1
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Severity: CRITICAL

Weaknesses

audit@patchstack.com: CWE-94

Hype score: Not currently trending

[CVE-2025-30911: CRITICAL] Vulnerability in RomethemeKit For Elementor allows Command Injection via Code Injection issue. Update affected versions from n/a to 1.5.4 for security.#cybersecurity,#vulnerability https://t.co/7s9OiS3L5F https://t.co/MHTw55JWam
@CveFindCom
1 Apr 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

References