WordPress Alert: Hackers Can Steal Admin Accounts via Service Finder Plugin
Author: TechnolectSecure
Uploaded: 2025-10-09
Views: 67
Description:
⚠️ Breaking Cybersecurity News: A critical authentication bypass (CVE-2025-5947) has been discovered in the Service Finder Bookings plugin, allowing attackers to gain admin access on thousands of WordPress sites using just a crafted cookie.
What’s Happening:
The vulnerability exists in the service_finder_switch_back() function.
Attackers can impersonate any user, including admins, without authentication.
Exploitation started within 24 hours of public disclosure, with over 13,800 blocked attempts reported by Wordfence.
Who is Affected:
Sites using the Service Finder theme bundled with the plugin (approx. 6,000 sites).
In this video, you’ll learn:
How the vulnerability works and why it’s critical.
The risks for your WordPress site (site takeover, malware, data theft).
Immediate steps to secure your website: patch, firewall, and audit.
How to check if your site has been compromised.
Quick Security Steps:
Update Service Finder Bookings plugin to v6.1 or higher.
If an update isn’t possible immediately, deactivate the plugin.
Enable Wordfence or a strong WP firewall and check site logs.
If compromised, change all admin passwords and restore from backups if needed.
Stay Safe: Don’t wait—update your site today. Like, share, and subscribe for daily cybersecurity updates.
References: Wordfence advisory, CVE-2025-5947 public reports, security blogs.
Tags: WordPress, WordPress Security, Service Finder, Service Finder Bookings, CVE-2025-5947, Wordfence, plugin vulnerability, website security, hack alert, cyber security, admin takeover, vulnerability patch
Hashtags: #WordPress #CyberSecurity #Vulnerability #CVE2025 #Wordfence #ServiceFinder #SiteSecurity