On May 2nd, 2025, we received a submission for a Privilege Escalation vulnerability in Motors, a WordPress theme with more than 22,000 sales. This vulnerability makes it possible for an unauthenticated attacker to change the password of any user, including an administrator, which allows them to take over the account and the website. We originally disclosed this vulnerability on May 19th, 2025 and our records indicate that attackers started exploiting the issue the next day on May 20th, 2025. It appears mass exploitation started on June 7th, 2025. The Wordfence Firewall has already blocked over 23,100 exploit attempts targeting this vulnerability.
The post Attackers Actively Exploiting Critical Vulnerability in Motors Theme appeared first on Wordfence.