Service Finder WordPress Flaw Allows Admin Takeover

A critical authentication bypass vulnerability in the Service Finder WordPress theme is being actively exploited by threat actors. Tracked as CVE-2025-5947, the flaw allows unauthenticated attackers to gain full administrator privileges on affected websites without a password. The vulnerability stems from an insecure account-switching feature that can be triggered with a simple crafted request. Security researchers have detected over 13,800 exploitation attempts targeting the flaw, which affects the theme's 6,000+ users. Administrators using Service Finder versions 6.0 or older are urged to update to the patched version immediately to prevent a complete site takeover.

Latest mentioned: 10-08

Earliest mentioned: 10-08

Sources

bleepingcomputer.com securityonline.info

Also Read

PhantomRaven Supply-Chain Attack Infects npm Ecosystem

Koi Security has discovered a massive supply-chain attack called PhantomRaven, which has infected the npm ecosystem with 126 malicious packages downloaded over 86,000 times. The campaign, active since August 2025, steals npm authentication tokens, GitHub credentials, and CI/CD secrets by concealing malicious code in dependencies. The attackers used Remote Dynamic Dependencies (RDD) to bypass security scanners, making the packages appear harmless. The malware executed automatically during installation, performing aggressive reconnaissance and exfiltration. Koi Security noted the use of AI-driven slopsquatting to create plausible-sounding package names, tricking developers into trusting malicious packages.

10-31Read more →