Remote Code Execution Vulnerability in RSForm!pro for Joomla
CVE-2025-30085

9.2CRITICAL

Key Information:

Vendor: Rsjoomla.com
Status: Rsform!pro Component For Joomla
Vendor: CVE Published:; 11 June 2025

🔔 Create Rsjoomla.com Vulnerability Alert

What is CVE-2025-30085?

A remote code execution vulnerability exists in the RSForm!pro component versions 3.0.0 to 3.3.14 for Joomla. This vulnerability arises from a flaw in the submission export feature, which requires an attacker to have administrative access in order to exploit the system. If successfully executed, it could allow an attacker to run arbitrary code on the affected system, posing a significant risk to data integrity and system security.

Affected Version(s)

RSform!Pro component for Joomla 3.0.0-3.3.14

References

https://rsjoomla.com/

product

CVSS V4

Score:

9.2

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 11, 2025
Vulnerability Reserved
Mar 16, 2025

Credit

Kamil Szczurowski

Robert Kruczek