25 matches found
Motors <= 5.6.67 - Unauthenticated Privilege Escalation via Password Update/Account Takeover
The Motors theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.6.67. This is due to the theme not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to chan...
CVE-2026-27433 WordPress Motors theme <= 5.6.80 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Motors = 5.6.80 versions...
CVE-2026-27433
The CVE concerns the WordPress Motors theme (
WordPress Motors theme <= 5.6.80 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Rafie Muhammad in WordPress Theme Motors versions = 5.6.80...
CVE-2026-54812
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in StylemixThemes Motors allows Blind SQL Injection. This issue affects Motors: from n/a through 1.4.109...
EUVD-2026-37709
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in StylemixThemes Motors allows PHP Local File Inclusion. This issue affects Motors: from n/a through 1.4.109...
CVE-2025-64374 WordPress Motors theme <= 5.6.81 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in StylemixThemes Motors motors allows Using Malicious Files.This issue affects Motors: from n/a through = 5.6.81...
CVE-2025-64374 WordPress Motors theme <= 5.6.81 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in StylemixThemes Motors motors allows Using Malicious Files.This issue affects Motors: from n/a through = 5.6.81...
WordPress Motors theme <= 5.6.81 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by Denver Jackson in WordPress Theme Motors versions = 5.6.81...
Exploit for CVE-2025-4322
CVE-2025-4322 : Unauthenticated Privilege Escalation via Passw...
Attackers Actively Exploiting Critical Vulnerability in Motors Theme
📢 Calling all Vulnerability Researchers and Bug Bounty Hunters! 📢 🌞 Spring into Summer with Wordfence! Now through August 4, 2025, earn 2X bounty rewards forall in-scope submissions from our ‘High Threat’ list in software with fewer than 5 million active installs. Bounties up to $31,200 per...
Exploit for CVE-2025-4322
PoC exploit for CVE-2025-4322, an unauthenticated privilege esca...
CVE-2025-4322
The Motors theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.6.67. This is due to the theme not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to chan...
CVE-2025-4322
The Motors theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.6.67. This is due to the theme not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to chan...
CVE-2025-4322 Motors <= 5.6.67 - Unauthenticated Privilege Escalation via Password Update/Account Takeover
The Motors theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.6.67. This is due to the theme not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to chan...
CVE-2025-4322
CVE-2025-4322 affects the Motors WordPress theme up to version 5.6.67, where a flawed password update flow allows unauthenticated attackers to change arbitrary user passwords (including administrators), enabling account takeover. Root cause: insufficient validation of requester identity before pr...
PT-2025-22122 · WordPress · Motors
Name of the Vulnerable Software and Affected Versions: Motors WordPress theme versions prior to 5.6.68 Description: The Motors theme for WordPress is vulnerable to privilege escalation via account takeover. This is due to the theme not properly validating a user's identity prior to updating their...
WordPress Motors theme <= 5.6.67 - Unauthenticated Privilege Escalation via Password Update/Account Takeover vulnerability
Unauthenticated Privilege Escalation via Password Update/Account Takeover vulnerability discovered by Foxyyy in WordPress Theme Motors versions = 5.6.67...
22,000 WordPress Sites Affected by Privilege Escalation Vulnerability in Motors WordPress Theme
📢In case you missed it, Wordfence just published itsannual WordPress security report for 2024. Read it now to learn more about the evolving risk landscape of WordPress so you can keep your sites protected in 2025 and beyond. On May 2nd, 2025, we received a submission for a Privilege Escalation...
VulnCheck KEV: CVE-2025-4322
The Motors theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.6.67. This is due to the theme not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to...