Tech »  Topic »  A popular WordPress theme has been hijacked by malware - here's what we know

A popular WordPress theme has been hijacked by malware - here's what we know

1 week, 1 day ago   techradar.com
(Image credit: sarayut Thaneerat/ via Getty Images)
  • 'Motors' WordPress theme vulnerability leaves accounts open to takeover attacks
  • Widespread attacks were observed from June 7 onwards
  • A patch is available in version 5.6.68, so update now

A popular premium WordPress theme, has been exploited by hackers thanks to a critical privilege escalation flaw tracked as CVE-2025-4322.

Attackers are able to exploit the vulnerability in the 'Motors' theme to hijack administrator accounts, taking full control of sites to change details, inject false details and spread malicious payloads.

Developed by StylemixThemes and a popular pick among automotive websites, nearly 22,500 sales of the theme have been logged on EnvatoMarket.

Vulnerability that allows full admin takeover found in premium WordPress themeWordPress plugin auth bypass exploited almost immediately after disclosure

'Motors' WordPress theme has been hijacked

The vulnerability had first been discovered on May 2, 2025, with a patch later released ...


Copyright of this story solely belongs to techradar.com . To see the full text click HERE

More related news