JobMonster WordPress Theme Authentication Bypass Exploits
Summary
Threat actors are actively exploiting a critical authentication bypass vulnerability (CVE-2025-5397, CVSS 9.8) in the JobMonster WordPress theme. On sites where the theme's social login feature is enabled, the flaw lets an unauthenticated attacker log in as an existing user, including an administrator; the attacker only needs to know the target account's username or email address. All versions up to and including 4.8.1 are affected; the fix shipped in version 4.8.2. JobMonster is a premium theme used by job listing sites and recruitment portals, with over 5,500 sales on Envato. The root cause is that the theme's check_login() function does not properly verify the identity of the user supplied during the social login flow, so a client-supplied identity is accepted in place of a real credential check. Site owners should update to 4.8.2 or later, disable social login until the update is applied, enable two-factor authentication for privileged accounts, and review access logs for administrator logins that the account owners did not perform.
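The bug class described above, as an added illustration that is not JobMonster's code: a social-login callback that issues a WordPress session for whatever identity the browser sends, beside a hardened version that obtains the identity from the provider server-side, matches the account on a stored provider subject id, and refuses social login for administrator accounts. The function names, the provider endpoints, the `social_provider_sub` user-meta key and the `SOCIAL_CLIENT_ID` / `SOCIAL_CLIENT_SECRET` constants are all assumptions for the example; only the WordPress API calls are real.

```php
<?php
// Hypothetical social-login callback showing the bug class behind a
// check_login()-style auth bypass, beside a hardened rewrite.
// Not JobMonster's code; provider URLs, meta key, helper names and the
// SOCIAL_CLIENT_ID / SOCIAL_CLIENT_SECRET constants are assumed.

// --- Vulnerable pattern -------------------------------------------------
// The identity is taken from a request parameter and never checked against
// the identity provider, so any existing account (an admin's included) can
// be entered just by knowing its email address.
function vulnerable_social_check_login() {
    if ( empty( $_POST['social_email'] ) ) {
        return;
    }
    $email = sanitize_email( wp_unslash( $_POST['social_email'] ) );
    $user  = get_user_by( 'email', $email );
    if ( $user ) {
        wp_set_current_user( $user->ID );
        wp_set_auth_cookie( $user->ID, true ); // session issued with no proof of identity
        wp_safe_redirect( admin_url() );
        exit;
    }
}

// --- Hardened pattern ---------------------------------------------------
// 1. Bind the OAuth state parameter to a WordPress nonce (login CSRF).
// 2. Redeem the authorization code server-side and fetch the identity from
//    the provider; never trust an email or username sent by the browser.
// 3. Match the account on the provider's stable subject id stored when the
//    user linked the account, not on an email the client chose.
// 4. Refuse to issue sessions for privileged accounts via social login.
function hardened_social_check_login() {
    if ( empty( $_GET['code'] ) || empty( $_GET['state'] ) ) {
        return;
    }
    $state = sanitize_text_field( wp_unslash( $_GET['state'] ) );
    if ( ! wp_verify_nonce( $state, 'social_login_state' ) ) {
        wp_die( 'Invalid state' );
    }

    $token = social_exchange_code( sanitize_text_field( wp_unslash( $_GET['code'] ) ) );
    if ( null === $token ) {
        wp_die( 'Token exchange failed' );
    }

    $resp = wp_remote_get( 'https://provider.example/userinfo', array( // assumed endpoint
        'headers' => array( 'Authorization' => 'Bearer ' . $token ),
        'timeout' => 10,
    ) );
    if ( is_wp_error( $resp ) || 200 !== wp_remote_retrieve_response_code( $resp ) ) {
        wp_die( 'Identity provider unavailable' );
    }
    $claims = json_decode( wp_remote_retrieve_body( $resp ), true );
    if ( empty( $claims['sub'] ) || empty( $claims['email_verified'] ) ) {
        wp_die( 'Unverified identity' );
    }

    $users = get_users( array(
        'meta_key'   => 'social_provider_sub', // assumed meta key written at link time
        'meta_value' => $claims['sub'],
        'number'     => 1,
    ) );
    if ( empty( $users ) ) {
        wp_die( 'No linked account' );
    }
    $user = $users[0];

    if ( user_can( $user, 'manage_options' ) ) {
        wp_die( 'Social login is not available for administrator accounts' );
    }

    wp_set_current_user( $user->ID );
    wp_set_auth_cookie( $user->ID, true, is_ssl() );
    wp_safe_redirect( home_url( '/' ) );
    exit;
}

// Assumed helper: redeem the authorization code at the provider's token endpoint.
function social_exchange_code( $code ) {
    $resp = wp_remote_post( 'https://provider.example/token', array( // assumed endpoint
        'timeout' => 10,
        'body'    => array(
            'grant_type'    => 'authorization_code',
            'code'          => $code,
            'client_id'     => SOCIAL_CLIENT_ID,
            'client_secret' => SOCIAL_CLIENT_SECRET,
            'redirect_uri'  => home_url( '/social-callback/' ),
        ),
    ) );
    if ( is_wp_error( $resp ) || 200 !== wp_remote_retrieve_response_code( $resp ) ) {
        return null;
    }
    $body = json_decode( wp_remote_retrieve_body( $resp ), true );
    return isset( $body['access_token'] ) ? $body['access_token'] : null;
}

add_action( 'init', 'hardened_social_check_login' );
```

In the vulnerable handler the only thing standing between an anonymous visitor and an administrator session is knowledge of the admin's email address, which matches the exploitation precondition reported for CVE-2025-5397. The hardened handler never reads an identity from the request: the browser only carries an opaque authorization code and a nonce-bound state, the identity claims come from the provider over a server-to-server call, and even a valid assertion cannot reach an account with `manage_options`.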
Timeline
- 04.11.2025 09:49 · 1 article
  Critical Authentication Bypass Vulnerability in JobMonster Theme Exploited
- Hackers exploit critical auth bypass flaw in JobMonster WordPress theme — www.bleepingcomputer.com — 04.11.2025 09:49
Information Snippets
- The vulnerability is tracked as CVE-2025-5397 and rated critical (CVSS 9.8).
  First reported: 04.11.2025 09:49 (1 source, 1 article): Hackers exploit critical auth bypass flaw in JobMonster WordPress theme — www.bleepingcomputer.com
- The flaw affects all versions of the JobMonster theme up to and including 4.8.1.
  First reported: 04.11.2025 09:49 (1 source, 1 article): Hackers exploit critical auth bypass flaw in JobMonster WordPress theme — www.bleepingcomputer.com
- The vulnerability allows unauthenticated attackers to bypass authentication and access administrative accounts.
  First reported: 04.11.2025 09:49 (1 source, 1 article): Hackers exploit critical auth bypass flaw in JobMonster WordPress theme — www.bleepingcomputer.com
- Exploitation requires social login to be enabled on the affected site.
  First reported: 04.11.2025 09:49 (1 source, 1 article): Hackers exploit critical auth bypass flaw in JobMonster WordPress theme — www.bleepingcomputer.com
- Attackers need to know the target administrator's account username or email address to exploit the flaw.
  First reported: 04.11.2025 09:49 (1 source, 1 article): Hackers exploit critical auth bypass flaw in JobMonster WordPress theme — www.bleepingcomputer.com
- The flaw has been patched in JobMonster version 4.8.2.
  First reported: 04.11.2025 09:49 (1 source, 1 article): Hackers exploit critical auth bypass flaw in JobMonster WordPress theme — www.bleepingcomputer.com
- JobMonster is a premium WordPress theme used by job listing sites and recruitment portals.
  First reported: 04.11.2025 09:49 (1 source, 1 article): Hackers exploit critical auth bypass flaw in JobMonster WordPress theme — www.bleepingcomputer.com
- The theme has over 5,500 sales on Envato.
  First reported: 04.11.2025 09:49 (1 source, 1 article): Hackers exploit critical auth bypass flaw in JobMonster WordPress theme — www.bleepingcomputer.com