Security researchers reveal active exploitation against Service Finder WordPress theme

Vulnerability: Improper validation of cookie

Impact: Allows an attacker full control over the WordPress instance

Vulnerability ID: CVE-2025-5947

Recommendation: Apply patches ASAP

#cybersecurity #vulnerabilitymanagement #ServiceFinder

https://www.bleepingcomputer.com/news/security/hackers-exploit-auth-bypass-in-service-finder-wordpress-theme/

Hackers exploit auth bypass in Service Finder WordPress theme

Threat actors are actively exploiting a critical vulnerability in the Service Finder WordPress theme that allows them to bypass authentication and log in as administrators.

BleepingComputer

🚨 Urgent alert for #WordPress site owners: an authentication bypass flaw (CVE-2025-5947) in the #ServiceFinder bookings plugin allows attackers to assume admin access. Over 13,800 exploit attempts already detected. Update to v6.1+ now.

Read more: hackread.com/auth-bypass-service-finder-wordpress-plugin-exploit/

#Cybersecurity #Vulnerability #AuthBypass #Infosec