WordPress RTMKit plugin <= 1.6.5 - Arbitrary File Upload vulnerability
CVE-2025-62065

Currently unrated

Key Information:

Vendor

WordPress
Status
Rtmkit
Vendor
CVE Published:
6 November 2025

What is CVE-2025-62065?

Unrestricted Upload of File with Dangerous Type vulnerability in Rometheme RTMKit rometheme-for-elementor.This issue affects RTMKit: from n/a through <= 1.6.5.

Affected Version(s)

RTMKit <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Plugin/rome...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Ananda Dhakal (Patchstack)
JSON
.
CVE-2025-62065 : Unrestricted File Upload Vulnerability in Rometheme RTMKit for Elementor