News

Hackers target critical WordPress theme flaw - hundreds of sites at risk from potential takeover, find out if you're affected
All versions up to 7.8.3 contained a vulnerability that allowed threat actors to upload arbitrary files, including malware ...
The Hacker News1d
Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install
Critical WordPress flaw CVE-2025-5394 lets attackers take over sites using the "Alone" theme. 120K+ attempts blocked.
Hackers actively exploit critical RCE in WordPress Alone theme
Threat actors are actively exploiting a critical unauthenticated arbitrary file upload vulnerability in the WordPress theme ...
Infosecurity Magazine3d
Critical Flaws in WordPress Plugin Leave 10,000 Sites Vulnerable
More than 10,000 WordPress sites have been left vulnerable to full site takeover due to three critical security flaws ...
Dangerous WordPress plugin puts over 160,000 sites at risk - here's what we know
Looking at the download statistics on WordPress.org, 59.8% of all Post SMTP installations are running versions 3.1 and newer, meaning 40.2% of sites are still vulnerable. Since the plugin has more ...
Bleeping Computer2mon
Premium WordPress 'Motors' theme vulnerable to admin takeover attacks
StylemixThemes released Motors version 5.6.68, which addresses CVE-2025-4322 on May 14, 2025.