{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-5955", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-06-09T19:25:00.411Z", "datePublished": "2025-09-19T04:27:05.107Z", "dateUpdated": "2026-04-08T17:23:42.395Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:23:42.395Z"}, "affected": [{"vendor": "aonetheme", "product": "Service Finder SMS System", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.0.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Service Finder SMS System plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.0.0. This is due to the plugin not verifying a user's phone number before logging them in. This makes it possible for unauthenticated attackers to login as arbitrary users."}], "title": "Service Finder SMS System <= 2.0.0 - Authentication Bypass", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cc4598a7-d5cf-4553-b29a-659fe288ece9?source=cve"}, {"url": "https://themeforest.net/item/service-finder-service-and-business-listing-wordpress-theme/15208793"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel", "cweId": "CWE-288", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.1, "baseSeverity": "HIGH"}}], "credits": [{"lang": "en", "type": "finder", "value": "Friderika Baranyai"}], "timeline": [{"time": "2025-09-18T16:13:49.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-09-19T13:30:43.258506Z", "id": "CVE-2025-5955", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-19T13:30:50.033Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-5955", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-09-19T13:30:43.258506Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-19T13:30:47.090Z"}}], "cna": {"title": "Service Finder SMS System <= 2.0.0 - Authentication Bypass", "credits": [{"lang": "en", "type": "finder", "value": "Friderika Baranyai"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}}], "affected": [{"vendor": "aonetheme", "product": "Service Finder SMS System", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "2.0.0"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-09-18T16:13:49.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cc4598a7-d5cf-4553-b29a-659fe288ece9?source=cve"}, {"url": "https://themeforest.net/item/service-finder-service-and-business-listing-wordpress-theme/15208793"}], "descriptions": [{"lang": "en", "value": "The Service Finder SMS System plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.0.0. This is due to the plugin not verifying a user's phone number before logging them in. This makes it possible for unauthenticated attackers to login as arbitrary users."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-288", "description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:23:42.395Z"}}}, "cveMetadata": {"cveId": "CVE-2025-5955", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:23:42.395Z", "dateReserved": "2025-06-09T19:25:00.411Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-09-19T04:27:05.107Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Service Finder SMS System plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.0.0. This is due to the plugin not verifying a user's phone number before logging them in. This makes it possible for unauthenticated attackers to login as arbitrary users."}], "id": "CVE-2025-5955", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-09-19T05:15:33.603", "references": [{"source": "security@wordfence.com", "url": "https://themeforest.net/item/service-finder-service-and-business-listing-wordpress-theme/15208793"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cc4598a7-d5cf-4553-b29a-659fe288ece9?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-288"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-20T19:30:30.101655+00:00", "value": {"mitigation_remediation": ["Upgrade Service Finder SMS System to a version newer than 2.0.0.", "If an upgrade is not immediately possible, block or remove the plugin\u2019s authentication endpoint from the web server or firewall to prevent unauthenticated access.", "Disable any auto\u2011login or phone validation features through the plugin\u2019s settings as a temporary workaround."], "summary": {"action": "Patch Immediately", "impact": "Authentication Bypass"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the AoneTheme Service Finder SMS System plugin for WordPress in all releases up to and including version 2.0.0. No information is provided about partial mitigation in newer releases, so administrators should assume that earlier versions remain susceptible.", "description_and_impact": "The Service Finder SMS System plugin for WordPress allows attackers to gain authentication privileges without providing valid credentials because the plugin fails to validate a user's phone number before logging them in. This flaw enables an unauthenticated adversary to assume the identity of any user, potentially accessing sensitive data, modifying content, or conducting further exploits. The weakness corresponds to CWE-288, which signals improper authorization logic.", "risk_and_exploitability": "The CVSS score of 8.1 indicates a high\u2011severity risk. EPSS is reported as less than 1%, suggesting that while exploitation is possible, the probability of widespread attacks is currently low. The flaw is not listed in the CISA KEV catalog. The likely attack vector is a web\u2011based request to the plugin\u2019s authentication endpoint, which can be triggered by any user with network access to the WordPress site."}}}}, "created": "2025-09-19T09:35:12.343325+00:00", "updated": "2026-04-20T19:45:15.500384+00:00", "vendors": ["aonetheme", "aonetheme$PRODUCT$service_finder_sms_system", "wordpress", "wordpress$PRODUCT$wordpress"]}