Nigerian website owners have been urged to exercise caution regarding security vulnerabilities in the Jupiter X Core plugin for WordPress. The National Information Technology Development Agency (NITDA) issued this alert through its official X account on Wednesday.
The vulnerability, identified as CVE-2025-0366, is considered a major cybersecurity threat. It has the potential to allow attackers to take full control of affected websites without requiring authentication. A security advisory from the Computer Emergency Readiness and Response Team Nigeria (CERNT.NG) highlighted that this flaw is an “unauthenticated privilege escalation vulnerability,” enabling attackers to gain administrative access or execute malicious code on websites utilizing this plugin.
“A critical security flaw has been uncovered in the Jupiter X Core plugin for WordPress, affecting websites that use this widely popular theme framework,” the statement warned.