Threat actors are exploiting a critical vulnerability (CVE-2025-5394) in the Alone WordPress theme to upload malicious files and potentially take over affected websites. The attack began before the vulnerability was publicly disclosed and continues to pose a significant threat to site security. #CVE-2025-5394 #AloneTheme #WordPressSecurity #RemoteCodeExecution
Keypoints
- The vulnerability CVE-2025-5394 allows unauthenticated users to upload arbitrary files to the Alone WordPress theme.
- Threat actors exploited this zero-day flaw before its public disclosure on July 14, 2025.
- The flaw enabled remote code execution, leading to complete site takeover possibilities.
- Over 120,900 exploit attempts have been blocked since the vulnerability was patched in version 7.8.5.
- WordPress administrators are advised to update the theme and check for suspicious activity to mitigate risks.