What the vulnerability does
01Description
Unauthenticated Broken Access Control in Motors <= 5.6.80 versions.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
What the vulnerability does
Unauthenticated Broken Access Control in Motors <= 5.6.80 versions.
Explanation of Vulnerability in Simple Terms
Motors by StylemixThemes versions up to 5.6.80 lack proper authorization checks, allowing unauthenticated attackers to modify site data. The vulnerability requires no user interaction and can be exploited over the network. Site administrators should update to a version newer than 5.6.80 to prevent unauthorized changes to site content or functionality.
What an attacker can do
Modify site data without authentication, such as changing content or settings.
Potential impact on your site
Unauthorized users can alter site content, settings, or functionality without your knowledge or permission.
Conditions required to exploit
Network access only; no authentication or user interaction required.
Key dates
External resources
Related vulnerabilities