Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install (CVE-2025-5394)

Threat actors are actively exploiting a critical security flaw in "Alone – Charity Multipurpose Non-profit WordPress Theme" to take over susceptible sites. The vulnerability, tracked as CVE-2025-5394, carries a CVSS score of 9.8. Security researcher ...