Intrusions leverage a critical privilege escalation flaw.
Intrusions leveraging a critical privilege escalation flaw in the WordPress "Motors" theme are ongoing.
According to an analysis from Wordfence, which has thwarted over 23,000 attempted attacks involving the security issue, and reported by BleepingComputer, threat actors have been exploiting the flaw, which stems from inadequate user identity validation mechanisms.
The intrusions leverage the critical privilege escalation flaw, tracked as CVE-2025-4322, to compromise admin accounts and facilitate site takeovers. Attacks commenced on May 20th before increasing on June 7th.
The analysis found that attackers first identify the URL of the vulnerable widget, then reset admin passwords, log in to the WordPress dashboard, and establish new admin accounts for persistence.
Admins of WordPress sites with the vulnerable theme have been urged to immediately apply the latest Motors version, 5.6.68, issued last month.
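As an added triage helper (not code from the article, Wordfence or the theme's authors), the script below checks the two things the report gives a defender to act on: whether a site's Motors theme is older than the patched 5.6.68 release, and whether any administrator accounts were registered on or after the May 20th start of the attacks, the persistence pattern described above. The style.css header and user list are constructed sample data; on a real site the same functions take the theme's style.css and the output of a user listing.

```python
import re
from datetime import datetime

PATCHED_VERSION = "5.6.68"              # fixed Motors release named in the article
CAMPAIGN_START = datetime(2025, 5, 20)  # attack start date given in the article

def parse_version(v):
    """Turn '5.6.68' into (5, 6, 68) so versions compare numerically, not as strings."""
    return tuple(int(p) for p in re.findall(r"\d+", v))

def theme_version_from_style_css(style_css):
    """Extract the 'Version:' header that every WordPress theme style.css carries."""
    m = re.search(r"^\s*Version:\s*(\S+)", style_css, re.MULTILINE)
    return m.group(1) if m else None

def is_vulnerable(version):
    """Any Motors release older than the patched one is treated as exposed."""
    return parse_version(version) < parse_version(PATCHED_VERSION)

def suspicious_admins(users):
    """Administrator accounts created since the campaign began need manual review."""
    flagged = []
    for u in users:
        registered = datetime.strptime(u["user_registered"], "%Y-%m-%d %H:%M:%S")
        if "administrator" in u["roles"] and registered >= CAMPAIGN_START:
            flagged.append(u["user_login"])
    return flagged

# Constructed sample data standing in for a real style.css and a user export.
SAMPLE_STYLE_CSS = """/*
Theme Name: Motors
Version: 5.6.67
*/"""
SAMPLE_USERS = [
    {"user_login": "owner",   "roles": ["administrator"], "user_registered": "2021-03-02 10:00:00"},
    {"user_login": "editor1", "roles": ["editor"],        "user_registered": "2025-06-08 01:13:00"},
    {"user_login": "wpadm1n", "roles": ["administrator"], "user_registered": "2025-06-08 01:15:42"},
]

if __name__ == "__main__":
    ver = theme_version_from_style_css(SAMPLE_STYLE_CSS)
    print(f"Motors {ver}: {'VULNERABLE' if is_vulnerable(ver) else 'patched'}")
    print("admin accounts created since campaign start:", suspicious_admins(SAMPLE_USERS))
```

The numeric comparison matters because a plain string compare would wrongly rank "5.6.9" above "5.6.68".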
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.