CVE-2025-62050
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2026-01-22

Last updated on: 2026-01-27

Assigner: Patchstack

Description
Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes Blogmatic blogmatic.This issue affects Blogmatic: from n/a through <= 1.0.3.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-22
Last Modified
2026-01-27
Generated
2026-06-16
AI Q&A
2026-01-22
EPSS Evaluated
2026-06-14
NVD
CVE-2025-62050
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
blazethemes blogmatic From 1.0.0 (inc) to 1.0.3 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-434 The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-62050 is a high-priority Arbitrary File Upload vulnerability in the WordPress Blogmatic Theme versions 1.0.3 and earlier. It allows an attacker with subscriber or developer privileges to upload arbitrary files, including malicious backdoors, to the affected website. This vulnerability falls under OWASP Top 10 A3: Injection and can lead to unauthorized code execution and further compromise of the site. [1]

Impact Analysis

Exploitation of this vulnerability can lead to unauthorized code execution on the affected website, allowing attackers to install malicious backdoors and potentially take full control of the site. This can result in data breaches, site defacement, loss of service, and further compromise of the hosting environment. [1]

Detection Guidance

Detection can involve checking for the presence of arbitrary or suspicious file uploads in the Blogmatic theme directories, especially files uploaded by users with subscriber or developer privileges. Monitoring web server logs for unusual POST requests to upload endpoints or scanning for newly added files with dangerous extensions may help. Specific commands are not provided in the resources. [1]

Mitigation Strategies

The immediate step is to update the Blogmatic theme to version 1.0.4 or later, which resolves the vulnerability. Until updating, applying Patchstack's mitigation rules to block attacks targeting this vulnerability is recommended. Using automated vulnerability mitigation and continuous security intelligence tools from Patchstack can also help protect the site. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-62050. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart