Lucene search
K

25 matches found

Nuclei
Nuclei
added 9 hours ago88 views

Motors <= 5.6.67 - Unauthenticated Privilege Escalation via Password Update/Account Takeover

The Motors theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.6.67. This is due to the theme not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to chan...

9.8CVSS7.5AI score0.18241EPSS
Exploits3References4
Cvelist
Cvelist
added 6 days ago35 views

CVE-2026-27433 WordPress Motors theme <= 5.6.80 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Motors = 5.6.80 versions...

6.5CVSS0.00253EPSS
Exploits0References1
CVE
CVE
added 6 days ago11 views

CVE-2026-27433

The CVE concerns the WordPress Motors theme (

6.5CVSS5.8AI score0.00253EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/30 1:2 p.m.5 views

WordPress Motors theme <= 5.6.80 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad in WordPress Theme Motors versions = 5.6.80...

6.5CVSS5.8AI score0.00253EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/06/17 3:17 p.m.11 views

CVE-2026-54812

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in StylemixThemes Motors allows Blind SQL Injection. This issue affects Motors: from n/a through 1.4.109...

9.3CVSS0.00291EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 1:41 p.m.10 views

EUVD-2026-37709

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in StylemixThemes Motors allows PHP Local File Inclusion. This issue affects Motors: from n/a through 1.4.109...

8.1CVSS5.3AI score0.00337EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/18 7:22 a.m.4 views

CVE-2025-64374 WordPress Motors theme <= 5.6.81 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in StylemixThemes Motors motors allows Using Malicious Files.This issue affects Motors: from n/a through = 5.6.81...

9.9CVSS6.6AI score0.00315EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/18 7:22 a.m.22 views

CVE-2025-64374 WordPress Motors theme <= 5.6.81 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in StylemixThemes Motors motors allows Using Malicious Files.This issue affects Motors: from n/a through = 5.6.81...

9.9CVSS0.00315EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/10/21 5:50 p.m.6 views

WordPress Motors theme <= 5.6.81 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Denver Jackson in WordPress Theme Motors versions = 5.6.81...

9.9CVSS7AI score0.00315EPSS
Exploits0Affected Software1
GithubExploit
GithubExploit
added 2025/06/23 9:8 p.m.397 views

Exploit for CVE-2025-4322

CVE-2025-4322 : Unauthenticated Privilege Escalation via Passw...

9.8CVSS10AI score0.18241EPSS
Exploits3
Wordfence Blog
Wordfence Blog
added 2025/06/19 4:56 p.m.12 views

Attackers Actively Exploiting Critical Vulnerability in Motors Theme

📢 Calling all Vulnerability Researchers and Bug Bounty Hunters! 📢 🌞 Spring into Summer with Wordfence! Now through August 4, 2025, earn 2X bounty rewards forall in-scope submissions from our ‘High Threat’ list in software with fewer than 5 million active installs. Bounties up to $31,200 per...

9.8CVSS7.7AI score0.18241EPSS
Exploits3
GithubExploit
GithubExploit
added 2025/05/22 3:12 p.m.549 views

Exploit for CVE-2025-4322

PoC exploit for CVE-2025-4322, an unauthenticated privilege esca...

9.8CVSS9.9AI score0.18241EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2025/05/22 6:16 a.m.10 views

CVE-2025-4322

The Motors theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.6.67. This is due to the theme not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to chan...

9.8CVSS7.4AI score0.18241EPSS
Exploits3References1
NVD
NVD
added 2025/05/20 6:15 a.m.24 views

CVE-2025-4322

The Motors theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.6.67. This is due to the theme not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to chan...

9.8CVSS0.18241EPSS
Exploits3References2
Cvelist
Cvelist
added 2025/05/20 5:30 a.m.34 views

CVE-2025-4322 Motors <= 5.6.67 - Unauthenticated Privilege Escalation via Password Update/Account Takeover

The Motors theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.6.67. This is due to the theme not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to chan...

9.8CVSS0.18241EPSS
Exploits3References2
CVE
CVE
added 2025/05/20 5:30 a.m.134 views

CVE-2025-4322

CVE-2025-4322 affects the Motors WordPress theme up to version 5.6.67, where a flawed password update flow allows unauthenticated attackers to change arbitrary user passwords (including administrators), enabling account takeover. Root cause: insufficient validation of requester identity before pr...

9.8CVSS9.8AI score0.18241EPSS
In wildExploits3References2
Positive Technologies
Positive Technologies
added 2025/05/20 12:0 a.m.11 views

PT-2025-22122 · WordPress · Motors

Name of the Vulnerable Software and Affected Versions: Motors WordPress theme versions prior to 5.6.68 Description: The Motors theme for WordPress is vulnerable to privilege escalation via account takeover. This is due to the theme not properly validating a user's identity prior to updating their...

9.8CVSS9.9AI score0.18241EPSS
Exploits3References38
Patchstack
Patchstack
added 2025/05/19 7:44 p.m.8 views

WordPress Motors theme <= 5.6.67 - Unauthenticated Privilege Escalation via Password Update/Account Takeover vulnerability

Unauthenticated Privilege Escalation via Password Update/Account Takeover vulnerability discovered by Foxyyy in WordPress Theme Motors versions = 5.6.67...

9.8CVSS7AI score0.18241EPSS
Exploits3References1Affected Software1
Wordfence Blog
Wordfence Blog
added 2025/05/19 5:32 p.m.19 views

22,000 WordPress Sites Affected by Privilege Escalation Vulnerability in Motors WordPress Theme

📢In case you missed it, Wordfence just published itsannual WordPress security report for 2024. Read it now to learn more about the evolving risk landscape of WordPress so you can keep your sites protected in 2025 and beyond. On May 2nd, 2025, we received a submission for a Privilege Escalation...

9.8CVSS7.7AI score0.18241EPSS
Exploits3
VulnCheck KEV
VulnCheck KEV
added 2025/05/19 12:0 a.m.5 views

VulnCheck KEV: CVE-2025-4322

The Motors theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.6.67. This is due to the theme not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to...

9.8CVSS5.8AI score0.18241EPSS
Exploits3References1
Rows per page
Query Builder