CVE-2025-5948
BaseFortify
Publication date: 2025-09-19
Last updated on: 2025-09-19
Assigner: Wordfence
Description
CVSS Scores
Base score: 9.8 (Critical)
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wordfence (the assigning CNA, not the plugin's developer) | service_finder_bookings | <= 6.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-639 (Authorization Bypass Through User-Controlled Key) | The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects the Service Finder Bookings plugin for WordPress in all versions up to and including 6.0. The claim_business AJAX action does not verify the identity of the requester before processing a business claim, and on a valid claim it authenticates the caller as the user associated with that claim. Because the action is reachable without authentication, an unauthenticated attacker who supplies a valid claim_id is logged in as that user, including administrators. Obtaining a valid claim_id requires either subscriber-level access or brute-forcing the identifier. This is an authorization bypass through a user-controlled key (CWE-639): the claim_id in the request, not the caller's session, decides whose account is accessed.
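The following is an added illustration of the CWE-639 pattern described above, written for this page; it is not the Service Finder Bookings plugin's code. The claims table, the sf_* helper names, the field names and the nonce action are assumptions chosen to model the described behaviour. The vulnerable variant derives the identity to log in from a client-supplied key; the hardened variant takes identity from the authenticated session and uses the key only as a lookup that must belong to the caller.

```php
<?php
/**
 * Added example modelling the claim_business flaw (not the plugin's code).
 * Assumed schema: {prefix}sf_claims(id, user_id, business_id, status).
 */

// Assumed helper: load a claim record by its key, or null if none exists.
function sf_get_claim(int $claim_id): ?array {
    global $wpdb;
    $row = $wpdb->get_row(
        $wpdb->prepare(
            "SELECT id, user_id, business_id, status FROM {$wpdb->prefix}sf_claims WHERE id = %d",
            $claim_id
        ),
        ARRAY_A
    );
    return $row ?: null;
}

/* ---- Vulnerable pattern: identity is derived from a client-supplied key ---- */
function sf_claim_business_vulnerable(): void {
    $claim_id = absint($_POST['claim_id'] ?? 0);
    $claim    = sf_get_claim($claim_id);
    if (!$claim) {
        wp_send_json_error('invalid claim');
    }
    // The request is not tied to any authenticated user, yet the handler mints
    // a session for whichever user_id the claim record points at. Anyone who
    // guesses or otherwise obtains a valid claim_id is logged in as that user.
    wp_set_current_user($claim['user_id']);
    wp_set_auth_cookie($claim['user_id']);
    wp_send_json_success(['claimed' => $claim['business_id']]);
}
// How the vulnerable variant would be exposed (left unregistered here so it
// does not conflict with the hardened handler below): the nopriv hook makes
// it reachable without logging in.
// add_action('wp_ajax_nopriv_claim_business', 'sf_claim_business_vulnerable');
// add_action('wp_ajax_claim_business',        'sf_claim_business_vulnerable');

/* ---- Hardened pattern: identity comes from the session, the key is only a lookup ---- */
function sf_claim_business_hardened(): void {
    // 1. Only authenticated users may claim; no wp_ajax_nopriv_ hook is registered.
    if (!is_user_logged_in()) {
        wp_send_json_error('authentication required', 401);
    }
    // 2. CSRF protection. The nonce action name 'sf_claim_business' is an assumption.
    check_ajax_referer('sf_claim_business', 'nonce');

    $claim_id = absint($_POST['claim_id'] ?? 0);
    $claim    = sf_get_claim($claim_id);

    // 3. Authorization: the claim must belong to the caller. Compare against
    //    get_current_user_id(), never against anything the client sent.
    //    "Missing" and "not yours" get the same response so claim_ids cannot
    //    be enumerated through differing error messages.
    if (!$claim || (int) $claim['user_id'] !== get_current_user_id()) {
        wp_send_json_error('claim not found', 404);
    }
    if ($claim['status'] !== 'pending') {
        wp_send_json_error('claim already processed', 409);
    }

    // 4. No wp_set_auth_cookie() here: the caller already has a session, and a
    //    claim must never create one for a different account. Ownership is
    //    re-checked in the WHERE clause so a race cannot flip another user's row.
    global $wpdb;
    $wpdb->update(
        "{$wpdb->prefix}sf_claims",
        ['status' => 'submitted'],
        ['id' => (int) $claim['id'], 'user_id' => get_current_user_id()],
        ['%s'],
        ['%d', '%d']
    );
    wp_send_json_success(['claimed' => $claim['business_id']]);
}
add_action('wp_ajax_claim_business', 'sf_claim_business_hardened');
```

The two things to look for when reviewing any similar handler are a wp_ajax_nopriv_ registration on an action that changes account state, and any call to wp_set_auth_cookie() or wp_set_current_user() whose argument can be traced back to request data rather than to the existing session.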
How can this vulnerability impact me?
This vulnerability allows an attacker to obtain an authenticated session for any user account, including administrators. An administrator session gives full control over the affected WordPress site: reading and exfiltrating data, modifying content, installing plugins or backdoors, creating further administrator accounts, and taking the site over entirely. The CVSS score of 9.8 reflects critical impact on confidentiality, integrity, and availability.
What immediate steps should I take to mitigate this vulnerability?
Update the Service Finder Bookings plugin to a fixed release (a version later than 6.0). Until the update is applied, block unauthenticated access to the claim_business AJAX action (at the WAF or with a must-use plugin), rate-limit and log calls to it so that brute-forcing of claim_id values is slowed and visible, and review user accounts and privileges, since a subscriber-level account is enough to obtain a valid claim_id. Because exploitation yields administrator sessions, also check for unexpected administrator accounts and plugins, and invalidate existing sessions and rotate credentials if there is any sign of compromise.
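As an added example of the stopgap described above (not code from the plugin or from Wordfence), the following must-use plugin refuses unauthenticated calls to the claim_business action before the plugin's own handler runs, throttles authenticated calls per source IP and user, and logs every attempt with its claim_id. It assumes the action name claim_business and the parameter name claim_id from the advisory; the sfguard_ prefix, the transient-based counter and the thresholds are this example's choices.

```php
<?php
/**
 * Plugin Name: Claim-business guard (added example; drop into wp-content/mu-plugins/)
 * Stopgap until Service Finder Bookings is updated past 6.0. Not a replacement for the update.
 */

const SFGUARD_WINDOW_SECONDS = 600; // counter lifetime; the expiry refreshes on each hit
const SFGUARD_MAX_PER_WINDOW = 5;   // real users claim a few businesses, not hundreds

function sfguard_client_ip(): string {
    // REMOTE_ADDR only. X-Forwarded-For is attacker-controlled unless a trusted
    // proxy in front of PHP overwrites it, so it is deliberately not consulted.
    return $_SERVER['REMOTE_ADDR'] ?? '0.0.0.0';
}

function sfguard_log(string $verdict): void {
    // The AJAX action name travels in the POST body, so web-server access logs
    // do not show it; logging inside WordPress is what makes these calls visible.
    $entry = sprintf(
        'claim_business verdict=%s ip=%s user=%d claim_id=%s ua=%s',
        $verdict,
        sfguard_client_ip(),
        get_current_user_id(),
        preg_replace('/[^0-9]/', '', (string) ($_REQUEST['claim_id'] ?? '')),
        substr((string) ($_SERVER['HTTP_USER_AGENT'] ?? ''), 0, 120)
    );
    error_log($entry); // lands in the PHP error log or wp-content/debug.log with WP_DEBUG_LOG
}

// Unauthenticated callers: refuse before the plugin's handler runs. Priority 0
// executes ahead of the plugin's default-priority (10) callback, and
// wp_send_json_error() terminates the request, so the vulnerable code is never reached.
function sfguard_block_nopriv(): void {
    sfguard_log('blocked-unauthenticated');
    wp_send_json_error('authentication required', 401);
}
add_action('wp_ajax_nopriv_claim_business', 'sfguard_block_nopriv', 0);

// Authenticated callers: throttle per IP and user so that a subscriber-level
// account cannot enumerate claim_id values quickly, and record every attempt.
function sfguard_throttle(): void {
    $key   = 'sfguard_' . md5(sfguard_client_ip() . '|' . get_current_user_id());
    $count = (int) get_transient($key);
    if ($count >= SFGUARD_MAX_PER_WINDOW) {
        sfguard_log('throttled');
        wp_send_json_error('too many claim attempts, try again later', 429);
    }
    set_transient($key, $count + 1, SFGUARD_WINDOW_SECONDS);
    sfguard_log('allowed');
}
add_action('wp_ajax_claim_business', 'sfguard_throttle', 0);
```

A run of throttled or blocked-unauthenticated entries from one address, or allowed entries whose claim_id values step through a sequence, is the signal to investigate: check which user the attempts came from, and treat any administrator login that follows from the same address as suspect. Transients live in the options table, or in the object cache when one is configured, so the counters are per site and survive across PHP workers.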