Security News > 2025 > May > Flawed WordPress theme may allow admin account takeover on 22,000+ sites (CVE-2025-4322)

A critical vulnerability (CVE-2025-4322) in Motors, a WordPress theme popular with car/motor dealerships and rental services, can be easily exploited by unauthenticated attackers to take over admin accounts and gain full control over target WP-based sites. The privileges thus acquired allow attackers to inject scripts that steal user data, make download links point to malware, redirect visitors to malicious sites, install a backdoor, or steal data saved in the underlying database. About CVE-2025-4322 Motors is … More → The post Flawed WordPress theme may allow admin account takeover on 22,000+ sites (CVE-2025-4322) appeared first on Help Net Security.

News URL

https://www.helpnetsecurity.com/2025/05/21/wordpress-motors-theme-cve-2025-4322-admin-account-takeover/