PHP Remote File Inclusion Vulnerability in StylemixThemes Motors
CVE-2026-54814

8.1HIGH

Key Information:

Vendor: WordPress
Status: Motors
Vendor: CVE Published:; 17 June 2026

What is CVE-2026-54814?

The StylemixThemes Motors plugin is susceptible to a PHP Remote File Inclusion vulnerability that allows attackers to manipulate file inclusion mechanisms. This flaw may enable unauthorized access to sensitive files on the server, posing potential risks to the security of web applications utilizing this plugin. Users of Motors versions up to 1.4.109 should take immediate steps to secure their installations against this vulnerability.

Affected Version(s)

Motors <= 1.4.109

References

https://patchstack.com/database/wordpress/plugin/motors-c...

vdb-entry

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 17, 2026
Vulnerability Reserved
Jun 16, 2026

Credit

endy | Patchstack Bug Bounty Program

CVE-2026-54814 Data

JSON

WordPress

What is CVE-2026-54814?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit