Hackers Hijack Sites Using JobMonster Theme Flaw

Hackers hijack sites using an authentication bypass flaw in JobMonster, a popular WordPress theme used for job board websites. Security researchers detected active exploitation of this critical vulnerability, which makes it possible for attackers to take over administrator accounts under specific conditions. The flaw, tracked as CVE-2025-5397, is one of three major vulnerabilities disclosed in recent days.

The malicious campaign appears to leverage CVE-2025-11533 and CVE-2025-5947 as well, suggesting a broader attack surface targeting WordPress-based recruitment platforms. Attackers who exploit vulnerabilities in outdated or misconfigured themes can gain unauthorized access, steal data, or fully compromise a site. Administrators using JobMonster are urged to apply security patches immediately and review server logs for suspicious activity.

The ongoing attacks highlight the importance of regular theme updates and vulnerability monitoring. For a detailed analysis of the threat and guidance on mitigation, read the full report here:
https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-auth-bypass-flaw-in-jobmonster-wordpress-theme/
