Aonetheme Service Finder Bookings
6 CVEs affecting Aonetheme Service Finder Bookings. Latest disclosed: 2025-11-01. Critical: 4, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-5948 | Critical | 9.8 | 2025-09-19 | The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6.0. This is… |
CVE-2025-5947 | Critical | 9.8 | 2025-08-01 | The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via authentication bypass in all versions up to, and including, 6.0. Thi… |
CVE-2025-2470 | Critical | 9.8 | 2025-04-25 | The Service Finder Bookings plugin for WordPress, used by the Service Finder - Directory and Job Board WordPress Theme, is vulnerable to privilege escalation i… |
CVE-2024-13442 | Critical | 9.8 | 2025-03-19 | The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.0. This is… |
CVE-2025-6574 | High | 8.8 | 2025-11-01 | The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and excluding, 6.1. This is… |
CVE-2025-5949 | High | 8.8 | 2025-11-01 | The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6.0. This is… |