Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme

Threat actors are actively exploiting a critical security flaw impacting the Service Finder WordPress theme. The vulnerability makes it possible to gain unauthorized access to any account, including administrators. The authentication bypass vulnerability is tracked as CVE-2025-5947 (CVSS score: 9.8)