CVE-2025-5947

Published Aug 1, 2025

Last updated 2 months ago

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-5947 is a critical authentication bypass vulnerability in the Service Finder Bookings plugin for WordPress, which is bundled with the Service Finder theme. It stems from the plugin's improper validation of the `original_user_id` cookie within the `service_finder_switch_back()` function: the cookie value is trusted as the identity to restore. Versions 6.0 and older are affected. Successful exploitation allows unauthenticated attackers to log in as any user, including administrators, and from there to modify website content, inject malicious code, steal sensitive data, and compromise the server. The vulnerability was patched in version 6.1, released on July 17, 2025.

Description
The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via authentication bypass in all versions up to, and including, 6.0. This is due to the plugin not properly validating a user's cookie value prior to logging them in through the service_finder_switch_back() function. This makes it possible for unauthenticated attackers to log in as any user, including admins.
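The description above names the function and the cookie but shows no code. The block below is an added illustration, not the plugin's own code: it shows the trust pattern the advisory describes (a client-controlled cookie chosen as the user to log in) next to a hardened switch-back flow that takes the identity from server-side state and a one-time token. Only the function name service_finder_switch_back() and the cookie name original_user_id come from the advisory; the switch_back query trigger, the meta keys, the example_ function names and the edit_users capability are assumptions made for this example.

```php
<?php
/**
 * Added illustration, not the plugin's own code: the trust pattern behind
 * CVE-2025-5947 next to a hardened switch-back flow. From the advisory come
 * only the function name service_finder_switch_back() and the cookie name
 * original_user_id. The switch_back query trigger, the meta keys and the
 * capability used here are assumptions for the example.
 */

// Vulnerable shape: the cookie value is taken as the identity to restore.
function example_vulnerable_switch_back() {
    if ( ! isset( $_GET['switch_back'] ) ) {            // assumed trigger
        return;
    }
    if ( empty( $_COOKIE['original_user_id'] ) ) {
        return;
    }
    $original_user_id = absint( $_COOKIE['original_user_id'] );
    // Nothing proves that a privileged user ever switched *from* this ID, and
    // no login is required: any visitor can set original_user_id=1 and be
    // issued the first administrator's auth cookie.
    wp_set_auth_cookie( $original_user_id );
    wp_set_current_user( $original_user_id );
    wp_safe_redirect( admin_url() );
    exit;
}

// Hardened shape. Step 1: switching *into* an account records, server side,
// who did it and the hash of a one-time random token; the caller gets the raw token.
function example_switch_to( $target_user_id ) {
    $admin_id = get_current_user_id();
    if ( ! $admin_id || ! current_user_can( 'edit_users' ) ) {  // assumed capability
        return false;
    }
    $target = get_user_by( 'id', absint( $target_user_id ) );
    if ( ! $target ) {
        return false;
    }
    $token = wp_generate_password( 32, false );
    update_user_meta( $target->ID, 'example_switched_from', $admin_id );               // assumed key
    update_user_meta( $target->ID, 'example_switch_token', hash( 'sha256', $token ) ); // assumed key
    wp_set_auth_cookie( $target->ID );
    wp_set_current_user( $target->ID );
    return $token;   // caller places it in the switch-back link, e.g. ?switch_back=<token>
}

// Step 2: switching back trusts only server-side state plus the one-time token.
function example_hardened_switch_back() {
    if ( ! isset( $_GET['switch_back'] ) || ! is_user_logged_in() ) {
        return;
    }
    $current_id       = get_current_user_id();
    $original_user_id = absint( get_user_meta( $current_id, 'example_switched_from', true ) );
    $stored_hash      = (string) get_user_meta( $current_id, 'example_switch_token', true );
    $presented        = sanitize_text_field( wp_unslash( $_GET['switch_back'] ) );

    // Fail closed on any missing piece; hash_equals avoids a timing side channel.
    if ( ! $original_user_id || '' === $stored_hash
         || ! hash_equals( $stored_hash, hash( 'sha256', $presented ) ) ) {
        return;
    }
    $original = get_user_by( 'id', $original_user_id );
    if ( ! $original ) {
        return;
    }
    // One shot: clear the record before issuing the new cookie.
    delete_user_meta( $current_id, 'example_switched_from' );
    delete_user_meta( $current_id, 'example_switch_token' );
    wp_set_auth_cookie( $original->ID );
    wp_set_current_user( $original->ID );
    wp_safe_redirect( admin_url() );
    exit;
}
add_action( 'init', 'example_hardened_switch_back' );
```

The hardened flow never reads the user ID from the request: the account to restore is whatever the server recorded at switch time, the request must come from a logged-in session, and the random token is compared against a stored hash and then discarded. Because the original bug needs no credentials at all, operators who ran 6.0 or earlier should, after updating to 6.1 or later, review administrator accounts and recently modified files and invalidate existing sessions (for example with WP-CLI's `wp user session destroy <user> --all`), since a patch does not revoke cookies an attacker already obtained.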
Source
security@wordfence.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Primary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

security@wordfence.com
CWE-639

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

35

  1. CVE-2025-5947: WordPress Plugin flaw lets hackers access Admin accounts https://t.co/kkst6UhL6w https://t.co/6GMvrG15kA

    @methodandmetric

    9 Oct 2025

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. The Silent Keyhole: How CVE-2025-5947 Lets Attackers Walk into WordPress Admin Doors. A critical vulnerability identified as CVE-2025-5947 is under active exploitation against WordPress sites running the Service Finder Bookings plugin (bundled with the Service Finder theme. http

    @elnjasi

    9 Oct 2025

    49 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  3. 🚨 Hackers are hijacking WordPress sites right now. A critical flaw (CVE-2025-5947) in the Service Finder theme lets anyone log in as an admin — no password needed. 13,800+ exploit attempts. Still rising. Most sites haven't patched. Details here → https://t.co/TJyLx4CN

    @TheHackersNews

    9 Oct 2025

    28055 Impressions

    86 Retweets

    246 Likes

    100 Bookmarks

    4 Replies

    7 Quotes

  4. 🚨 WordPress sites hit by CVE-2025-5947 exploit! Hackers bypass auth, take over admin accounts. 😱 WEBOUNCER stops this & all cyber attacks with next-gen defense. Visit https://t.co/YvUrFmPKNq https://t.co/gIeQ3j4FyP via @TheHackersNews

    @BrainLabVisions

    9 Oct 2025

    59 Impressions

    2 Retweets

    5 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. ⚠️ Active exploit alert: Hackers are abusing a critical flaw (CVE-2025-5947) in the WordPress Service Finder theme to bypass authentication and log in as admins. ➡️ Over 13K attack attempts detected. ➡️ Fix released in v6.1 - update now! Would your site survive this k

    @TechNadu

    9 Oct 2025

    115 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. 🚨 Hackers are hijacking WordPress sites right now. A critical flaw (CVE-2025-5947) in the Service Finder theme lets anyone log in as an admin — no password needed. 13,800+ exploit attempts. Still rising. Most sites haven't patched. Details here → ... https://t.co/2oE7

    @IT_news_for_all

    9 Oct 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. Details of the authentication bypass vulnerability CVE-2025-5947 in the Service Finder WordPress theme https://t.co/obBUXT0yex #Security #セキュリティー (#Security) #ニュース (#News)

    @SecureShield_

    9 Oct 2025

    78 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  8. Actively exploited CVE : CVE-2025-5947

    @transilienceai

    8 Oct 2025

    19 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    1 Reply

    0 Quotes

  9. 🚨 Actively Exploited: Critical Flaw CVE-2025-5947 Allows Unauthenticated Admin

    @PurpleOps_io

    8 Oct 2025

    53 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. CVE-2025-5947 (CVSS:9.8, CRITICAL) is Awaiting Analysis. The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via authentication bypass in all ..https://t.co/m6YcPjuX0o #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

    @cracbot

    6 Aug 2025

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. CVE-2025-5947 The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via authentication bypass in all versions up to, and including, 6.0. This is due … https://t.co/9ANuGxGt4J

    @CVEnew

    1 Aug 2025

    418 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. 🚨 CRITICAL: CVE-2025-5947 impacts all versions of Service Finder Bookings for WordPress. Unauthenticated attackers can escalate privileges to admin! Disable plugin & monitor for updates. https://t.co/aGQBS61CHG... https://t.co/lPX95Id6GI

    @offseq

    1 Aug 2025

    45 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes