Motors <= 5.6.67 - Unauthenticated Privilege Escalation via Password Update/Account Takeover

The Motors theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.6.67. This is due to the theme not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to chan...

CVE-2025-64374 WordPress Motors theme <= 5.6.81 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in StylemixThemes Motors motors allows Using Malicious Files.This issue affects Motors: from n/a through = 5.6.81...

CVE-2025-64374 WordPress Motors theme <= 5.6.81 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in StylemixThemes Motors motors allows Using Malicious Files.This issue affects Motors: from n/a through = 5.6.81...

WordPress Motors theme <= 5.6.81 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Denver Jackson in WordPress Theme Motors versions = 5.6.81...

Exploit for CVE-2025-4322

CVE-2025-4322 : Unauthenticated Privilege Escalation via Passw...

Attackers Actively Exploiting Critical Vulnerability in Motors Theme

📢 Calling all Vulnerability Researchers and Bug Bounty Hunters! 📢 🌞 Spring into Summer with Wordfence! Now through August 4, 2025, earn 2X bounty rewards forall in-scope submissions from our ‘High Threat’ list in software with fewer than 5 million active installs. Bounties up to $31,200 per...

Exploit for CVE-2025-4322

PoC exploit for CVE-2025-4322, an unauthenticated privilege esca...

CVE-2025-4322

The Motors theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.6.67. This is due to the theme not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to chan...

CVE-2025-4322

The Motors theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.6.67. This is due to the theme not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to chan...

CVE-2025-4322

CVE-2025-4322 affects the Motors WordPress theme up to version 5.6.67, where a flawed password update flow allows unauthenticated attackers to change arbitrary user passwords (including administrators), enabling account takeover. Root cause: insufficient validation of requester identity before pr...

CVE-2025-4322 Motors <= 5.6.67 - Unauthenticated Privilege Escalation via Password Update/Account Takeover

The Motors theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.6.67. This is due to the theme not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to chan...

PT-2025-22122 · WordPress · Motors

Name of the Vulnerable Software and Affected Versions: Motors WordPress theme versions prior to 5.6.68 Description: The Motors theme for WordPress is vulnerable to privilege escalation via account takeover. This is due to the theme not properly validating a user's identity prior to updating their...

WordPress Motors theme <= 5.6.67 - Unauthenticated Privilege Escalation via Password Update/Account Takeover vulnerability

Unauthenticated Privilege Escalation via Password Update/Account Takeover vulnerability discovered by Foxyyy in WordPress Theme Motors versions = 5.6.67...

22,000 WordPress Sites Affected by Privilege Escalation Vulnerability in Motors WordPress Theme

📢In case you missed it, Wordfence just published itsannual WordPress security report for 2024. Read it now to learn more about the evolving risk landscape of WordPress so you can keep your sites protected in 2025 and beyond. On May 2nd, 2025, we received a submission for a Privilege Escalation...

VulnCheck KEV: CVE-2025-4322

The Motors theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.6.67. This is due to the theme not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to...

WordPress Motors Theme <= 5.6.67 is vulnerable to Privilege Escalation

Software Motors Type Theme Vulnerable versions = 5.6.67 Fixed in 5.6.68 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2025-4322 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID f2c68f043bd9 Credits Foxyyy Required...

CVE-2024-13738

The The Motors - Car Dealer, Rental & Listing WordPress theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.6.65. This is due to the software allowing users to execute an action that does not properly validate a value before running...

CVE-2024-13738

The The Motors - Car Dealer, Rental & Listing WordPress theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.6.65. This is due to the software allowing users to execute an action that does not properly validate a value before running...

CVE-2024-13738 Motors - Car Dealer, Rental & Listing WordPress theme <= 5.6.65 - Unauthenticated Arbitrary Shortcode Execution

The The Motors - Car Dealer, Rental & Listing WordPress theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.6.65. This is due to the software allowing users to execute an action that does not properly validate a value before running...

WordPress Motors theme <= 5.6.65 - Unauthenticated Arbitrary Shortcode Execution vulnerability

Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by Lucio Sá in WordPress Theme Motors versions = 5.6.65...