## WordPress Theme Motor File Inclusion Vulnerability(CVE-2021-24375)

|   **Vulnerability**  | **WordPress Theme Motor File Inclusion Vulnerability(CVE-2021-24375)**  |
| :----:   | :-----|
|  **Chinese name**  | WordPress Motor 主题 admin-ajax.php 文件包含漏洞（CVE-2021-24375） |
| **CVSS core**  | 9.8 |
| **FOFA Query**  (click to view the results directly)| [body="wp-content/themes/motor"](https://en.fofa.info/result?qbase64=Ym9keT0id3AtY29udGVudC90aGVtZXMvbW90b3Ii) |
| **Number of assets affected**  | 711 |
| **Description**  | Motor is a professional WordPress WooCommerce Theme for dealers, retailers, shops and mechanics. WordPress Motor  Theme < 3.1.0 is vulnerable to Local File Inclusion. |
| **Impact** | Attackers can use this vulnerability to read the leaked source code, database configuration files, etc., resulting in an extremely insecure website. |

![](https://s3.bmp.ovh/imgs/2023/06/28/56a22a12996a7f9c.gif)