CVE-2025-5821 – “WordPress Case Theme User Plugin Authentication Bypass”

August 23, 2025

CVE ID : CVE-2025-5821

Published : Aug. 23, 2025, 7:15 a.m. | 17 hours, 54 minutes ago

Description : The Case Theme User plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.3. This is due to the plugin not properly logging a user in with the data that was previously verified through the facebook_ajax_login_callback(). This makes it possible for unauthenticated attackers to log in as administrative users, as long as they have an existing account on the site, and access to the administrative user’s email.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5352 – “Lunary Analytics NEXT_PUBLIC_CUSTOM_SCRIPT Stored XSS Vulnerability”

Next Article CVE-2025-5060 – Bravis User WordPress Authentication Bypass Vulnerability

A Week In The Life Of An AI-Augmented Designer

This week in AI updates: Gemini Code Assist Agent Mode, GitHub’s Agents panel, and more (August 22, 2025)

Microsoft adds Copilot-powered debugging features for .NET in Visual Studio

Blackstone portfolio company R Systems Acquires Novigo Solutions, Strengthening its Product Engineering and Full-Stack Agentic-AI Capabilities

The best AirTag alternative for Samsung users is currently 30% off

One of the biggest new features on the Google Pixel 10 is also one of the most overlooked

I tested these viral ‘crush-proof’ Bluetooth speakers, and they’re not your average portables

I compared the best smartwatches from Google and Apple – and there’s a clear winner

MongoDB Data Types

MongoDB Data Types

Building Cross-Platform Alerts with Laravel’s Notification Framework

Add Notes Functionality to Eloquent Models With the Notable Package

Microsoft Teams updated with a feature you probably thought already existed — “Can you hear me?” is now a thing of the past

Microsoft Teams updated with a feature you probably thought already existed — “Can you hear me?” is now a thing of the past

Xbox Game Pass gets Gears of War: Reloaded, Dragon Age: The Veilguard, and more — here’s what is coming through the rest of August

Resident Evil ‘9’ Requiem has some of the most incredible lighting I’ve seen in a game — and Capcom uses it as a weapon

CVE-2025-5821 – “WordPress Case Theme User Plugin Authentication Bypass”

Blue Locker ransomware hits critical infrastructure – is your organisation ready?

GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets

The Best Zapier Alternatives & Competitors in 2025

CVE-2025-43972 – GoBGP FlowSpec Parser Denial of Service

Federal IT Contractor Pays $14.75 Million Fine to Settle Cyber Fraud Charges

Helldivers 2 is carrying on this iconic Halo easter egg tradition with its crossover — and I’m in love with the silly spin it’s putting on it

CVE-2025-6320 – PHPGurukul Pre-School Enrollment System SQL Injection

CVE-2025-5523 – Enilu Web-Flash Cross-Site Scripting Vulnerability

Building a Flexible Visual System: Structure That Adapts Across Mediums

How Model Context Protocol Supercharges Your AI Workflow

CVE-2025-5821 – “WordPress Case Theme User Plugin Authentication Bypass”

Related Posts