A proof-of-concept exploit reveals critical weaknesses in the Atarim WordPress plugin, threatening thousands of websites with silent compromise.