CVE-2026-3426 | rometheme RTMKit Plugin up to 2.0.2 on WordPress save_widget/reset_all_widgets authorization

A vulnerability, which was classified as critical, has been found in rometheme RTMKit Plugin up to 2.0.2 on WordPress. Impacted is the function save_widget/reset_all_widgets. This manipulation causes missing authorization.

This vulnerability is handled as CVE-2026-3426. The attack can be initiated remotely. There is not any exploit available.VulDB Recent EntriesRead More