Find notable cyber news and cases, enriched with sources, timelines, and signals.

JobMonster WordPress theme authentication bypass (CVE-2025-5397)

Vulnerability
First reported
Last updated
Happening score
H score 53
1 unique sources, 1 articles

Summary

Hide ▲

CVE-2025-5397 in the JobMonster WordPress theme is being actively exploited to bypass authentication and hijack administrator accounts on sites with social login enabled. The flaw affects all versions up to 4.8.1 and was targeted in multiple attempts over the past 24 hours. JobMonster 4.8.2 fixes the issue, while disabling social login remains the immediate mitigation.

Related Happenings

Instagram High Touch Support password reset security flaw

Vulnerability
H score40 First: 08.06.2026 09:00 Last: 08.06.2026 09:00 Sources 1

About this happening: **Meta's High Touch Support (HTS)** flaw enabled attackers to trigger **Instagram password resets**, creating account-takeover risk for **over 20,000 users** and weakening protect...

Service Finder WordPress theme authentication bypass (CVE-2025-5947, actively exploited)

Vulnerability
H score66 First: 08.10.2025 18:57 Last: 08.10.2025 18:57 Sources 1

About this happening: **Actively exploited** **CVE-2025-5947** is putting **Service Finder WordPress theme** sites on **version 6.0 and older** at risk of **administrator takeover**. The flaw is an **a...

Service Finder WordPress theme active auth bypass exploitation wave (CVE-2025-5947)

Exploitation Wave
H score67 First: 08.10.2025 18:57 Last: 08.10.2025 18:57 Sources 1

About this happening: **CVE-2025-5947** is being exploited at scale against the **Service Finder WordPress theme**, with attackers using an authentication bypass to log in as administrators and take ov...

Timeline

  1. 04.11.2025 09:49 2 articles · 8mo ago

    Wordfence blocks JobMonster authentication bypass exploit attempts

    Initial Disclosure

    Wordfence blocked multiple exploit attempts against client WordPress sites using the JobMonster theme, where CVE-2025-5397 can let unauthenticated attackers bypass authentication and access administrator accounts when social login is enabled. The issue affects JobMonster versions up to 4.8.1 and is fixed in 4.8.2; disabling social login is the immediate mitigation when patching cannot be done quickly.

    Show sources