Critical RCE Flaw in “Alone” WordPress Theme Actively Exploited, Allowing Full Site Takeover
A critical vulnerability has been discovered in the widely used WordPress theme “Alone — Charity Multipurpose Non-profit”, which is already being exploited by malicious actors to compromise websites. Tracked as CVE-2025-5394, the flaw has...