{ads}

Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install

Written By Thursday, 31 July 2025 Add Comment



July 31, 2025 at 12:23PM

Threat actors are actively exploiting a critical security flaw in "Alone – Charity Multipurpose Non-profit WordPress Theme" to take over susceptible sites. The vulnerability, tracked as CVE-2025-5394, carries a CVSS score of 9.8. Security researcher Thái An has been credited with discovering and reporting the bug. According to Wordfence, the shortcoming relates to an arbitrary file upload

from The Hacker News https://ift.tt/3aGlJ1g

0 Response to "Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install"

Post a Comment

Subscribe to: Post Comments (Atom)

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads