Keenarch allows attackers to upload malicious files

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

9.9

Keenarch allows attackers to upload malicious files

CVE-2025-68554

Summary

The Keenarch plugin for zozothemes allows untrusted users to upload files of any type, potentially allowing attackers to upload malicious files that could harm the website. This is a serious issue that affects all versions of Keenarch prior to version 2.0.1. To protect your website, update Keenarch to version 2.0.1 or later.

Original title

Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Keenarch keenarch allows Using Malicious Files.This issue affects Keenarch: from n/a through < 2.0.1.

Original description

Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Keenarch keenarch allows Using Malicious Files.This issue affects Keenarch: from n/a through < 2.0.1.

Vulnerability type

CWE-434 Unrestricted File Upload

https://patchstack.com/database/Wordpress/Theme/keenarch/vulnerability/wordpress...

Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026