Log In
Get Started Free

cognitive cybersecurity intelligence

News and Analysis

Search

Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install

Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install


Threat actors are actively exploiting a critical security flaw in “Alone – Charity Multipurpose Non-profit WordPress Theme” to take over susceptible sites.
The vulnerability, tracked as CVE-2025-5394, carries a CVSS score of 9.8. Security researcher Thái An has been credited with discovering and reporting the bug.
According to Wordfence, the shortcoming relates to an arbitrary file upload

Source: thehackernews.com –
 Read more
Linkedin Youtube Facebook Instagram

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts

3000 Sand Hill Road, Building 3, Suite 210, 
Menlo Park, CA 94025

Products
Solutions
Healthcare cybersecurity​
Healthcare Threat Intelligence
Use Cases
News and Analysis
Insights
Company

© 2024 HEAL Security, Inc. “Cognitive Cybersecurity Intelligence.” All rights reserved.
3000 Sand Hill Road, Building 3, Suite 210, Menlo Park, CA 94025.
California Consumer: Do Not Sell My Info

Linkedin Youtube Facebook Instagram Soundcloud
Consent Preferences

V2025.06.10