- A vulnerability in the WordPress “Motors” theme leaves accounts open to takeover attacks
- Widespread attacks have been observed since June 7
- A fix is available in version 5.6.68, so update now
A popular premium WordPress theme is being exploited by attackers through a critical privilege-escalation vulnerability tracked as CVE-2025-4322.
Attackers are able to exploit the vulnerability in the “Motors” theme to hijack administrator accounts, taking full control of sites to alter site content, inject fraudulent content and distribute malicious payloads.
Developed by StylemixThemes and a popular choice among automotive websites, the theme has recorded nearly 22,500 sales on Envato Market.
The WordPress “Motors” theme has been hijacked
The vulnerability was first discovered on May 2, 2025, and a fix was released with version 5.6.68 on May 14, which means up-to-date installations should be protected against potential takeover. Versions up to 5.6.67 are affected by the CVE, with Wordfence publishing details on May 19.
“This is due to the theme not validating a user’s identity properly before updating their password,” said Wordfence.
“This allows unauthenticated attackers to modify the passwords of arbitrary users, including those of administrators, and to take advantage of it to access their account.”
Although the fix has already been published, sites still running older versions are at risk of takeover, with attacks having started on May 20. On June 7, researchers observed large-scale attacks; Wordfence has now blocked more than 23,000 attack attempts.
Wordfence has also disclosed a number of key IP addresses seen attacking sites, many of them making thousands of attempts each.
“An obvious sign of infection is if a site’s administrator is unable to log in with the correct password, because it could have been modified as a result of this vulnerability,” the researchers said.
The most important step that users of the “Motors” theme can take is to update to version 5.6.68, closing the vulnerability to attackers and securing their accounts from takeover.
Via BleepingComputer
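As an added example (not code from the article, Wordfence or StylemixThemes), a Python check that reads a WordPress theme's style.css header and reports whether the installed Motors build predates the 5.6.68 fix; the sample header below is constructed, and the numeric comparison avoids the lexical mistake of ranking 5.6.7 above 5.6.68.

```python
import re
from pathlib import Path

# Patched release named in the article; anything older is affected.
FIXED_VERSION = "5.6.68"
THEME_NAME = "Motors"

# Constructed sample of a WordPress theme header (not a real file from the theme).
SAMPLE_STYLE_CSS = """/*
Theme Name: Motors
Theme URI: https://example.invalid/motors
Author: StylemixThemes
Version: 5.6.67
*/
"""

def parse_version(version: str) -> tuple:
    """Split '5.6.67' into (5, 6, 67) so comparisons are numeric, not lexical."""
    return tuple(int(part) for part in re.findall(r"\d+", version))

def read_header_field(style_css: str, field: str):
    """Return the value of a 'Field: value' line from the theme header, or None."""
    pattern = rf"^\s*{re.escape(field)}:\s*(.+?)\s*$"
    match = re.search(pattern, style_css, re.MULTILINE)
    return match.group(1) if match else None

def assess_theme(style_css: str) -> dict:
    """Report whether this header belongs to a Motors build older than the fix."""
    name = read_header_field(style_css, "Theme Name")
    version = read_header_field(style_css, "Version")
    affected = (
        name is not None and name.strip().lower() == THEME_NAME.lower()
        and version is not None
        and parse_version(version) < parse_version(FIXED_VERSION)
    )
    return {"name": name, "version": version, "affected": affected}

def assess_theme_dir(theme_dir: str) -> dict:
    """Same check against an installed theme directory, e.g. wp-content/themes/motors."""
    text = (Path(theme_dir) / "style.css").read_text(encoding="utf-8", errors="replace")
    return assess_theme(text)

if __name__ == "__main__":
    print(assess_theme(SAMPLE_STYLE_CSS))
```

Point `assess_theme_dir` at the theme folder of a real installation to check it; an "affected" result means the site is still on a version the article says is exposed and should be updated.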