The vulnerabilities of the implementations of functions based on the AJAX technology, such as motor_load_more(), motor_gallery_load_more(), motor_quick_view(), and motor_project_quick_view(), in the “Motor – Cars, Parts, Service, Equipments and Accessories” theme. This theme is part of the WooCommerce store and uses the WordPress content management system. These vulnerabilities allow an attacker to execute arbitrary PHP code or gain unauthorized access to protected information.

The vulnerability of implementations based on the AJAX technology—motorloadmore, motorgalleryloadmore, motorquickview, and motorprojectquickview—in the “Motor: Cars, Parts, Service, Equipment, and Accessories” theme. This vulnerability is related to shortcomings in path name restrictions for the...

WordPress Motor theme license issue vulnerability

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . An authorization issue vulnerability exists in WordPress...

CVE-2021-24375 Motor theme < 3.1.0 - Local File Inclusion

Lack of authentication or validation in motorloadmore, motorgalleryloadmore, motorquickview and motorprojectquickview AJAX handlers of the Motor WordPress theme before 3.1.0 allows an unauthenticated attacker access to arbitrary files in the server file system, and to execute arbitrary php script...

WordPress 插件路径遍历漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . An authorization issue vulnerability exists in WordPress...

Motor theme < 3.1.0 - Unauthenticated Local File Inclusion

Lack of authentication or validation in motorloadmore, motorgalleryloadmore, motorquickview and motorprojectquickview AJAX handlers of the theme allows an unauthenticated attacker access to arbitrary files in the server file system, and to execute arbitrary php scripts found on the server file...

Motor theme < 3.1.0 - Unauthenticated Local File Inclusion

Lack of authentication or validation in motorloadmore, motorgalleryloadmore, motorquickview and motorprojectquickview AJAX handlers of the theme allows an unauthenticated attacker access to arbitrary files in the server file system, and to execute arbitrary php scripts found on the server file...