Threat actors are actively exploiting a critical vulnerability in the WordPress βAloneβ theme to gain remote control of websites. Over 120,000 attack attempts have been blocked, and the flaw was fixed in version 7.8.5, emphasizing the importance of timely updates. #CVE2025-5394 #AloneThemeVulnerability
Keypoints
- Cybercriminals are exploiting a zero-day vulnerability in the Alone WordPress theme for remote code execution.
- The flaw, CVE-2025-5394, affects all versions up to 7.8.3 and was patched in version 7.8.5.
- Attackers use the vulnerability to upload webshells, backdoors, and create malicious admin accounts.
- Wordfence reported over 120,000 exploitation attempts targeting vulnerable websites.
- Signs of compromise include new admin users and suspicious files or requests on βadmin-ajax.php.β