Hackers have begun to actively target WordPress sites running the OneTone theme in an effort to exploit a vulnerability that gives them the ability to read and write cookies as well as create backdoor admin accounts.

The vulnerability being exploited in the ongoing campaign is a cross-site scripting (XSS) bug in the OneTone WordPress theme created by the developer Magee WP which has not been updated since 2018.

Source Article