• A popular WordPress theme has a worrying security flaw which could allow full site takeover - here's what we know

    From TechnologyDaily@1337:1/100 to All on Thursday, October 09, 2025 13:15:08
    A popular WordPress theme has a worrying security flaw which could allow full site takeover - here's what we know

    Date:
    Thu, 09 Oct 2025 12:04:00 +0000

    Description:
    Install the patch as soon as you can to prevent losing your site to hackers.

    FULL STORY ======================================================================
    CVE-2025-5947 allows unauthenticated admin access in Service Finder WordPress theme versions up to and including 6.0
    Over 13,800 exploit attempts observed since August; attackers actively target vulnerable sites
    Patching is critical; blocking five known IPs may help but won't stop future attacks

    Websites running the popular Service Finder Bookings WordPress theme are
    being actively targeted following the discovery of a critical-severity vulnerability.

    On July 17, Aonetheme released version 6.1 of Service Finder, which included
    a fix for an authentication bypass flaw affecting all versions up to, and including, 6.0. Because the theme's Service Finder Bookings plugin did not properly validate a user's cookie value before logging them in, an unauthenticated attacker could log in as any user, including an administrator. No password, brute force or prior account is needed: the attacker only has to present a cookie naming the account they want.
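    To make the bug class concrete, here is an added example (written for this edit; it is not code from the Service Finder theme, Aonetheme or Wordfence): a "switch back to my original account" handler that trusts a cookie value as the user ID to log in as, next to a hardened version that puts only an opaque, single-use, expiring token in the cookie and keeps the token-to-administrator mapping server side. The function names, the cookie names and the transient key prefix are assumptions for illustration; the WordPress functions called (wp_set_current_user, wp_set_auth_cookie, current_user_can, set_transient, get_transient, wp_generate_password, user_can) are real.

```php
<?php
// Added example, not the theme's code. Shows the pattern the article
// describes (a cookie value accepted as "the user to log in as") and a
// fix that never treats client-supplied data as a user ID.

// --- Vulnerable pattern (do not use) ---------------------------------
// Handler and cookie name are assumed for illustration.
function vuln_switch_back() {
    if ( empty( $_COOKIE['original_user_id'] ) ) {
        return;
    }
    // The client controls this value. Setting the cookie to "1" logs the
    // visitor in as the first (usually administrator) account.
    $user_id = absint( $_COOKIE['original_user_id'] );
    wp_set_current_user( $user_id );
    wp_set_auth_cookie( $user_id );
    wp_safe_redirect( admin_url() );
    exit;
}

// --- Hardened pattern --------------------------------------------------
// The cookie carries a random token. The token is issued only when a real
// administrator switches, is stored server side as a hash, expires, and is
// consumed on first use. The user ID never comes from the request.
const SF_SWITCH_COOKIE = 'sf_switch_token';          // assumed cookie name
const SF_SWITCH_TTL    = 15 * MINUTE_IN_SECONDS;     // 15 minutes

// Called when an administrator switches into another account.
function hardened_begin_switch( $target_user_id ) {
    if ( ! current_user_can( 'manage_options' ) ) {
        return false;                                // only admins may switch
    }
    $admin_id = get_current_user_id();
    $token    = wp_generate_password( 32, false );   // 32 random letters/digits
    // Store a hash of the token, so a database read cannot be replayed as a cookie.
    set_transient( 'sf_switch_' . hash( 'sha256', $token ), $admin_id, SF_SWITCH_TTL );
    setcookie( SF_SWITCH_COOKIE, $token, time() + SF_SWITCH_TTL,
               COOKIEPATH, COOKIE_DOMAIN, is_ssl(), true );   // Secure on TLS, HttpOnly
    wp_set_current_user( $target_user_id );
    wp_set_auth_cookie( $target_user_id );
    return true;
}

// Called from the theme's switch-back request handler (hook wiring omitted).
function hardened_switch_back() {
    if ( empty( $_COOKIE[ SF_SWITCH_COOKIE ] ) ) {
        return false;
    }
    $token = (string) $_COOKIE[ SF_SWITCH_COOKIE ];
    if ( ! preg_match( '/^[A-Za-z0-9]{32}$/', $token ) ) {
        return false;                                // malformed token
    }
    $key      = 'sf_switch_' . hash( 'sha256', $token );
    $admin_id = get_transient( $key );
    if ( false === $admin_id ) {
        return false;                                // unknown, expired or forged
    }
    delete_transient( $key );                        // single use
    setcookie( SF_SWITCH_COOKIE, '', time() - HOUR_IN_SECONDS,
               COOKIEPATH, COOKIE_DOMAIN, is_ssl(), true );
    $admin = get_userdata( (int) $admin_id );
    if ( ! $admin || ! user_can( $admin, 'manage_options' ) ) {
        return false;                                // original account must still be an admin
    }
    wp_set_current_user( $admin->ID );
    wp_set_auth_cookie( $admin->ID );
    wp_safe_redirect( admin_url() );
    exit;
}
```

    The difference that matters is where the user ID comes from: in the vulnerable form it is whatever the browser sends, in the hardened form it is looked up from server-side state that only an already-authenticated administrator could have created.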

    The vulnerability is tracked as CVE-2025-5947 and was given a CVSS severity score of 9.8/10 (critical), since it allows full website takeover, data exfiltration, malware deployment, and more.

    Thousands of attacks

    The theme is sold on the Envato Market, which shows it has been purchased more than 6,000 times. According to BleepingComputer, most sites
    that buy the theme are actively using it, so the attack surface could be rather large.

    In addition, WordPress security company Wordfence says that since August 1
    it has observed more than 13,800 attempts to exploit this vulnerability, meaning threat actors are well aware of it and are actively hunting for victims. At press time, Wordfence said it had seen more than 200 attacks in the previous 24 hours alone.

    Such a large number would suggest hundreds of attackers, but it seems that
    the majority of attack requests came from just five IP addresses.

    This could make things easier for defenders, since blocking those five addresses would cut off the bulk of the current traffic. It is not a fix, however: the attackers can switch to new addresses at any time, and anyone else can send the same request, so patching the vulnerable product is still the only reliable way to address the rising risk.

    Also, those who are worried about being targeted should review their logs for suspicious or otherwise unexpected login activity, and check for accounts that threat actors may have created to establish persistence. Because the bypass logs the attacker in as an existing account rather than guessing a password, there may be no failed-login noise to spot; look instead for successful administrator sessions from unfamiliar addresses, newly created administrator users, and unexpected changes to plugin or theme files.
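    As an added example of the log review suggested above (written for this edit, not from the article, BleepingComputer or Wordfence), the script below does two of the checks a site owner would run: it ranks source IP addresses by share of requests, which is how the "most traffic from five addresses" observation shows up in one's own logs, and it lists administrator accounts registered after the patch date. The log lines and the user list are constructed sample data; the user array mirrors the fields of the WP_User objects that get_users( array( 'role' => 'administrator' ) ) returns, so the same function can be fed real data from inside WordPress.

```php
<?php
// Added example, not from the article. Runs stand-alone: php review.php
// Sample data below is constructed; 198.51.100.0/24 and 203.0.113.0/24
// are documentation address ranges, not real attacker IPs.

// Parse one Apache/nginx combined-format access log line.
function parse_log_line( string $line ): ?array {
    $re = '/^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) /';
    if ( ! preg_match( $re, $line, $m ) ) {
        return null;                                  // not a combined-format line
    }
    return [ 'ip' => $m[1], 'time' => $m[2], 'method' => $m[3],
             'path' => $m[4], 'status' => (int) $m[5] ];
}

// Count requests per source IP and return the top N with their share of all requests.
function source_concentration( array $lines, int $top = 5 ): array {
    $counts = [];
    $total  = 0;
    foreach ( $lines as $line ) {
        $r = parse_log_line( $line );
        if ( $r === null ) {
            continue;
        }
        $counts[ $r['ip'] ] = ( $counts[ $r['ip'] ] ?? 0 ) + 1;
        $total++;
    }
    if ( $total === 0 ) {
        return [];
    }
    arsort( $counts );                                // busiest address first
    $out = [];
    foreach ( array_slice( $counts, 0, $top, true ) as $ip => $n ) {
        $out[] = [ 'ip' => $ip, 'requests' => $n, 'share' => round( $n / $total, 2 ) ];
    }
    return $out;
}

// Administrator accounts registered on or after a cut-off date.
// $users: arrays with 'ID', 'user_login', 'user_registered' (as WP_User exposes them).
function recent_admins( array $users, string $since ): array {
    $cutoff = strtotime( $since );
    return array_values( array_filter(
        $users,
        fn( $u ) => strtotime( $u['user_registered'] ) >= $cutoff
    ) );
}

// Constructed sample log: seven hits from one address, two from a second, one from a third.
$sample_log = [
    '198.51.100.7 - - [05/Oct/2025:03:14:01 +0000] "GET /wp-admin/ HTTP/1.1" 302 0 "-" "python-requests/2.31"',
    '198.51.100.7 - - [05/Oct/2025:03:14:02 +0000] "GET /wp-admin/ HTTP/1.1" 200 8123 "-" "python-requests/2.31"',
    '198.51.100.7 - - [05/Oct/2025:03:14:03 +0000] "GET /wp-admin/users.php HTTP/1.1" 200 9001 "-" "python-requests/2.31"',
    '198.51.100.7 - - [05/Oct/2025:03:14:04 +0000] "POST /wp-admin/user-new.php HTTP/1.1" 302 0 "-" "python-requests/2.31"',
    '198.51.100.7 - - [05/Oct/2025:03:14:05 +0000] "GET /wp-admin/plugin-install.php HTTP/1.1" 200 7710 "-" "python-requests/2.31"',
    '198.51.100.7 - - [05/Oct/2025:03:14:06 +0000] "POST /wp-admin/update.php HTTP/1.1" 200 512 "-" "python-requests/2.31"',
    '198.51.100.7 - - [05/Oct/2025:03:14:07 +0000] "GET /wp-admin/ HTTP/1.1" 200 8123 "-" "python-requests/2.31"',
    '198.51.100.23 - - [05/Oct/2025:04:01:10 +0000] "GET /wp-admin/ HTTP/1.1" 302 0 "-" "curl/8.4.0"',
    '198.51.100.23 - - [05/Oct/2025:04:01:11 +0000] "GET /wp-admin/ HTTP/1.1" 200 8123 "-" "curl/8.4.0"',
    '203.0.113.5 - - [05/Oct/2025:09:30:00 +0000] "GET / HTTP/1.1" 200 15230 "-" "Mozilla/5.0"',
];

// Constructed sample administrator list (what a real get_users() call would return).
$sample_admins = [
    [ 'ID' => 1,  'user_login' => 'owner',      'user_registered' => '2022-03-01 10:00:00' ],
    [ 'ID' => 57, 'user_login' => 'wp_support', 'user_registered' => '2025-09-30 02:12:44' ],
];

if ( PHP_SAPI === 'cli' ) {
    // Expected: 198.51.100.7 with share 0.7, 198.51.100.23 with 0.2, 203.0.113.5 with 0.1.
    print_r( source_concentration( $sample_log ) );
    // Expected: only 'wp_support', registered after the 6.1 release date.
    print_r( recent_admins( $sample_admins, '2025-07-17' ) );
}
```

    A single address holding most of the request volume, combined with a request sequence that goes straight to user creation and plugin installation after an unauthenticated hit on wp-admin, is the pattern to look for; an administrator account nobody on the team created is the persistence the article warns about.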

    Via BleepingComputer




    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/a-popular-wordpress-theme-has-a-worrying-security-flaw-which-could-allow-full-site-takeover


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)