The premium WordPress theme Motors has been found to contain a significant privilege escalation vulnerability, which allows unauthenticated attackers to hijack administrator accounts and take full control of websites.
Developed by StylemixThemes, Motors is one of the top-selling automotive themes for the WordPress platform. It is very popular among motor vehicle businesses such as car dealerships, rental services and used vehicle listing platforms.
It has more than 22,300 sales on the Envato Market, with hundreds of user reviews and thousands of comments indicating a highly active community around it.
The flaw, tracked as CVE-2025-4322, was publicly disclosed by Wordfence and added to the National Vulnerability Database (NVD).
It is a privilege escalation issue that affects all versions of the Motors theme up to 5.6.67.
“This (vulnerability) is due to the theme not properly validating the user’s identity before updating their password,” Wordfence says.
“This makes it possible for unauthenticated attackers to change arbitrary user passwords, including those of administrators, and take advantage of this to get access to their account.”
By obtaining administrator-level access, attackers can plant malware, exfiltrate database contents and sensitive member details, or redirect visitors to dangerous sites.
StylemixThemes released Motors version 5.6.68, which addresses CVE-2025-4322, on 14 May 2025.
WordPress themes are central to websites and cannot be temporarily disabled or easily replaced, so it is important to upgrade to the latest version as soon as possible.
The vendor has an extensive online guide on updating Motors through the WordPress panel, the Envato API, or manually through FTP.
It is important to back up your website before updating the theme components to prevent potential data loss.
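To find which sites on a host still run an affected copy, the following added example (not code from the article, Wordfence or StylemixThemes) walks a directory of WordPress installs, reads each theme's `style.css` header and compares the version with the fixed release 5.6.68. It assumes the theme's "Theme Name" header reads "Motors"; the installs built in `demo()` are constructed samples.

```python
import re
import tempfile
from pathlib import Path

FIXED = (5, 6, 68)      # first patched release, per the article
THEME_NAME = "motors"   # assumption: value of the "Theme Name" header, lower-cased

def read_header(style_css: Path) -> dict:
    """Parse the comment header WordPress reads from the first 8 KiB of style.css."""
    head = style_css.read_bytes()[:8192].decode("utf-8", "replace")
    fields = {}
    for key in ("Theme Name", "Version", "Template"):
        m = re.search(r"^[ \t/*#@]*" + re.escape(key) + r":(.*)$", head, re.I | re.M)
        if m:
            fields[key] = m.group(1).strip(" \t*/\r")
    return fields

def parse_version(text: str):
    """Return a tuple of ints, or None if the string is not purely dotted-numeric."""
    if not re.fullmatch(r"\d+(\.\d+)*", text or ""):
        return None
    return tuple(int(p) for p in text.split("."))

def audit(root: Path) -> list:
    """Return (theme dir, version string, status) for every Motors copy under root."""
    findings = []
    for css in sorted(root.rglob("wp-content/themes/*/style.css")):
        hdr = read_header(css)
        if hdr.get("Theme Name", "").lower() != THEME_NAME or "Template" in hdr:
            continue  # another theme, or a child theme carrying its own version
        ver = parse_version(hdr.get("Version", ""))
        # An unparseable version is reported for manual review, never assumed safe.
        status = "UNKNOWN" if ver is None else ("VULNERABLE" if ver < FIXED else "PATCHED")
        findings.append((str(css.parent.relative_to(root)), hdr.get("Version"), status))
    return findings

def demo() -> list:
    """Audit constructed sample installs (not real sites) built in a temp directory."""
    samples = {"site-a/wp-content/themes/motors": "Motors\nVersion: 5.6.67",
               "site-b/wp-content/themes/motors": "Motors\nVersion: 5.6.68",
               "site-c/wp-content/themes/other": "Other\nVersion: 1.0"}
    with tempfile.TemporaryDirectory() as tmp:
        for rel, hdr in samples.items():
            d = Path(tmp, rel)
            d.mkdir(parents=True)
            (d / "style.css").write_text("/*\nTheme Name: " + hdr + "\n*/\n")
        return audit(Path(tmp))

if __name__ == "__main__":
    for row in demo():
        print(row)
```

On a real host, call `audit()` with the directory that holds the sites' document roots instead of running `demo()`.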
Although this issue does not affect a WordPress plugin active on millions of websites, it still poses a significant risk.
Given the price of $79 for a regular license and $2,000 for an extended license, Motors is more likely to be deployed on active sites or by those running businesses.