CVE-2025-5393: CWE-73 External Control of File Name or Path in Bearsthemes Alone – Charity Multipurpose Non-profit WordPress Theme
The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the alone_import_pack_restore_data() function in all versions up to, and including, 7.8.5. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). This was partially patched in 7.8.5 and has been fully addresses in 7.8.7.
AI Analysis
Technical Summary
CVE-2025-5393 is a critical vulnerability in the Bearsthemes Alone WordPress theme that allows external control of file names or paths, enabling arbitrary file deletion. The vulnerability arises from inadequate validation of file paths in the alone_import_pack_restore_data() function. Attackers can exploit this flaw without authentication to delete important server files, potentially leading to remote code execution. The vulnerability affects all versions up to 7.8.5, with a partial fix in 7.8.5 and a complete fix in 7.8.7.
Potential Impact
Successful exploitation allows unauthenticated attackers to delete arbitrary files on the server hosting the WordPress site. This can cause denial of service or enable remote code execution if critical files like wp-config.php are deleted. The CVSS score of 9.1 reflects the high severity and ease of exploitation without privileges or user interaction.
Mitigation Recommendations
Users should upgrade the Alone theme to version 7.8.7 or later, where the vulnerability is fully patched. Versions up to 7.8.5 are vulnerable, and 7.8.5 only contains a partial fix. No other mitigations are indicated by the vendor advisory.
CVE-2025-5393: CWE-73 External Control of File Name or Path in Bearsthemes Alone – Charity Multipurpose Non-profit WordPress Theme
Description
The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the alone_import_pack_restore_data() function in all versions up to, and including, 7.8.5. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). This was partially patched in 7.8.5 and has been fully addresses in 7.8.7.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2025-5393 is a critical vulnerability in the Bearsthemes Alone WordPress theme that allows external control of file names or paths, enabling arbitrary file deletion. The vulnerability arises from inadequate validation of file paths in the alone_import_pack_restore_data() function. Attackers can exploit this flaw without authentication to delete important server files, potentially leading to remote code execution. The vulnerability affects all versions up to 7.8.5, with a partial fix in 7.8.5 and a complete fix in 7.8.7.
Potential Impact
Successful exploitation allows unauthenticated attackers to delete arbitrary files on the server hosting the WordPress site. This can cause denial of service or enable remote code execution if critical files like wp-config.php are deleted. The CVSS score of 9.1 reflects the high severity and ease of exploitation without privileges or user interaction.
Mitigation Recommendations
Users should upgrade the Alone theme to version 7.8.7 or later, where the vulnerability is fully patched. Versions up to 7.8.5 are vulnerable, and 7.8.5 only contains a partial fix. No other mitigations are indicated by the vendor advisory.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Wordfence
- Date Reserved
- 2025-05-30T15:55:36.748Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 6875d2dfa83201eaaccc9371
Added to database: 7/15/2025, 4:02:39 AM
Last enriched: 4/9/2026, 9:37:06 PM
Last updated: 5/9/2026, 3:14:03 PM
Views: 167
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.