A security vulnerability in the Motors WordPress theme allows users with minimal privileges to upload and activate malicious plugins, risking full site control. The flaw has been fixed in version 5.6.82, emphasizing the importance of proper permission checks and updates. #MotorsTheme #WordPressVulnerability
Keypoints
- The vulnerability affects versions 5.6.81 and below of the Motors WordPress theme.
- Logged-in users with Subscriber permissions can exploit the flaw to install malicious plugins.
- The issue resides in an AJAX handler that manages plugin installation without proper permission checks.
- The vulnerability was reported by Denver Jackson and fixed in version 5.6.82.
- Site owners are urged to update their themes and implement strict permission controls to avoid exploits.
Read More: https://www.infosecurity-magazine.com/news/motors-wordpress-flaw-takeover/