CVE-2025-60070 is a vulnerability classified as 'Improper Control of Generation of Code' or code injection in The4 Molla WordPress theme, versions up to and including 1.5.13. This flaw arises from insufficient validation or sanitization of inputs that are used to generate executable code, allowing an attacker to inject arbitrary code remotely without authentication or user interaction. The vulnerability is network exploitable (AV:N), requires low attack complexity (AC:L), no privileges (PR:N), and no user interaction (UI:N), making it relatively easy to exploit. The impact primarily affects confidentiality and integrity, potentially enabling attackers to execute malicious scripts or commands within the context of the vulnerable web application, leading to data exposure or unauthorized modifications. Availability is not impacted. Although no known exploits have been reported in the wild yet, the presence of this vulnerability in a popular WordPress theme used for e-commerce and business websites poses a significant risk. The lack of a patch link suggests that a fix may not yet be publicly available, emphasizing the need for vigilance. The vulnerability was reserved in late September 2025 and published in December 2025, indicating recent discovery and disclosure.

For European organizations, especially those relying on WordPress with the Molla theme for their online presence, this vulnerability could lead to unauthorized code execution, resulting in data breaches, defacement, or insertion of malicious payloads such as web shells or malware. This can compromise customer data confidentiality and integrity, damage brand reputation, and potentially lead to regulatory penalties under GDPR if personal data is exposed. E-commerce sites are particularly at risk of financial fraud or theft of payment information. The medium severity rating reflects moderate risk, but the ease of exploitation without authentication increases the threat level. Organizations with public-facing websites using this theme are vulnerable to remote attacks, potentially impacting business continuity and trust.

Organizations should immediately inventory their WordPress installations to identify the use of The4 Molla theme versions up to 1.5.13. Until an official patch is released, consider temporarily disabling or replacing the theme to eliminate exposure. Employ web application firewalls (WAFs) with custom rules to detect and block suspicious payloads targeting code injection vectors in the theme. Conduct thorough input validation and sanitization on any custom code or plugins interacting with the theme. Monitor web server and application logs for unusual requests or errors indicative of exploitation attempts. Limit administrative access and ensure all WordPress components are updated regularly. Engage with the vendor for patch timelines and apply updates promptly once available. Additionally, implement network segmentation to isolate web servers and reduce lateral movement risk if compromised.