Critical security vulnerability has been discovered in Motors, a popular WordPress theme with over 22,000 sales, potentially exposing thousands of websites to complete takeover.
Security researchers at Wordfence identified an unauthenticated privilege escalation vulnerability that allows attackers to change passwords of any user, including administrators, without requiring prior authentication.
https://gbhackers.com/security-flaw-in- ... -websites/