Find notable cyber news and cases, enriched with sources, timelines, and signals.

Service Finder plugin maintainers security patch release for CVE-2025-5947

Security Patch Release
First reported
Last updated
Happening score
H score 65
1 unique sources, 1 articles

Summary

Hide ▲

Service Finder Bookings got version 6.1 on July 17, 2025, closing CVE-2025-5947 and reducing takeover risk for affected WordPress sites. The update covered installations running 6.0 and earlier in the Service Finder theme bundle. The flaw was an authentication bypass that could let an unauthenticated attacker reach administrator accounts.

Related Happenings

The vendor security patch release for CVE-2026-8206

Security Patch Release
H score89 First: 03.06.2026 01:12 Last: 03.06.2026 01:12 Sources 1

About this happening: **Kirki - Freeform Page Builder, Website Builder & Customizer** shipped **version 6.0.7** to fix **CVE-2026-8206**, a privilege-escalation flaw that could let attackers take over...

WP Maps Pro 6.1.1 security patch for CVE-2026-8732

Security Patch Release
H score49 First: 31.05.2026 17:06 Last: 31.05.2026 17:06 Sources 1

About this happening: **WP Maps Pro 6.1.1** was released to fix **CVE-2026-8732**, giving WordPress administrators a patch for a flaw that enabled **unauthenticated administrator-account creation**. Th...

LiteSpeed cPanel user-end plugin urgent security update (CVE-2026-48172)

Security Patch Release
H score42 First: 27.05.2026 13:06 Last: 27.05.2026 13:06 Sources 1

About this happening: LiteSpeed released **urgent security updates** for the **cPanel user-end plugin** after **CVE-2026-48172** was found to be **actively exploited**, reducing exposure for systems ru...

Latest development: 16.06.2026 13:47

CISA added CVE-2026-48172/CVE-2026-54420 in the LiteSpeed cPanel user-end plugin to the Known Exploited Vulnerabilities Catalog and ordered Federal Civilian Executive Branch agencies to secure affected servers within three days under BOD 26-04. The affected plugin versions before 2.4.8 are described as actively exploited, with FTP or web shell access enabling root escalation on shared hosting servers running CloudLinux/CageFS.

Citrix security patch release for CVE-2026-3055

Security Patch Release
H score44 First: 24.03.2026 07:59 Last: 24.03.2026 07:59 Sources 1

About this happening: Citrix's **NetScaler ADC** and **NetScaler Gateway** updates close **CVE-2026-3055** and **CVE-2026-4368**, including a flaw that could leak sensitive memory from configured appli...

Oracle security patch release for CVE-2026-21992

Security Patch Release
H score44 First: 21.03.2026 12:24 Last: 21.03.2026 12:24 Sources 1

About this happening: **Oracle** released **security updates** for **CVE-2026-21992**, a critical flaw in **Identity Manager** and **Web Services Manager** that could enable **unauthenticated remote co...

Timeline

  1. 09.10.2025 09:57 2 articles · 9mo ago

    Service Finder Bookings version 6.1 closes CVE-2025-5947

    Mitigation Patch Update

    Service Finder Bookings maintainers release version 6.1 for the WordPress theme bundle, fixing CVE-2025-5947 and closing the authentication bypass in service_finder_switch_back() that could let an unauthenticated attacker log in as any user, including administrators, on vulnerable sites.

    Show sources
  2. 09.10.2025 09:57 1 articles · 9mo ago

    Exploitation of CVE-2025-5947 starts against vulnerable Service Finder sites

    Exploitation Observed

    Exploitation targeting CVE-2025-5947 is observed against vulnerable Service Finder Bookings installations, where attackers use the authentication bypass to reach administrator accounts and hijack WordPress sites.

    Show sources
  3. 09.10.2025 09:57 1 articles · 9mo ago

    Technical analysis details Service Finder Bookings authentication bypass

    Technical Analysis Update

    Technical analysis of CVE-2025-5947 describes an authentication bypass in Service Finder Bookings caused by inadequate validation of a user's cookie value before login through service_finder_switch_back(), exposing vulnerable WordPress sites to unauthenticated account takeover.

    Show sources