Description
Incorrect Privilege Assignment vulnerability in aonetheme Service Finder Booking sf-booking allows Privilege Escalation.This issue affects Service Finder Booking: from n/a through <= 6.1.
Published: 2025-07-04
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Service Finder Booking plugin for WordPress contains an incorrect privilege assignment flaw (CWE‑266) that permits an attacker to elevate privileges to an administrator level, thereby gaining full control over the site’s content, configuration, and user accounts. The flaw is identified as a high‑severity vulnerability with a CVSS score of 9.8, underscoring the potential for significant security compromise if exploited.

Affected Systems

The vulnerability affects the aonetheme Service Finder Booking plugin in all releases up to and including version 6.1. Any WordPress site that has installed a version of the plugin that is 6.1 or earlier is susceptible to privilege escalation through this flaw.

Risk and Exploitability

The CVSS score of 9.8 indicates a severe risk of complete site compromise. The EPSS score of less than 1% suggests a low but non‑zero probability of exploitation. The vulnerability is not listed in the CISA KEV catalog, meaning no large‑scale exploitation has been reported. Based on the description, the likely attack vector involves exploiting the plugin’s administrative endpoints from an account or user session that can trigger the role‑assignment logic, either via authenticated requests or by exploiting a misconfiguration that allows unauthenticated access to the vulnerable functionality.

Generated by OpenCVE AI on May 2, 2026 at 08:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Service Finder Booking plugin to a version newer than 6.1 to remove the privilege assignment flaw.
  • If an immediate upgrade is not possible, temporarily deactivate or uninstall the plugin to eliminate the vulnerable code from the site.
  • Review all WordPress user roles and capabilities, ensuring that no ordinary accounts have administrative rights and enforcing the principle of least privilege.

Generated by OpenCVE AI on May 2, 2026 at 08:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-19966 Incorrect Privilege Assignment vulnerability in aonetheme Service Finder Booking allows Privilege Escalation. This issue affects Service Finder Booking: from n/a through 6.0.
History

Thu, 23 Apr 2026 15:00:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Wed, 01 Apr 2026 23:45:00 +0000

Type Values Removed Values Added
Description Incorrect Privilege Assignment vulnerability in aonetheme Service Finder Booking allows Privilege Escalation. This issue affects Service Finder Booking: from n/a through 6.0. Incorrect Privilege Assignment vulnerability in aonetheme Service Finder Booking sf-booking allows Privilege Escalation.This issue affects Service Finder Booking: from n/a through <= 6.1.
Title WordPress Service Finder Booking <= 6.0 - Privilege Escalation Vulnerability WordPress Service Finder Booking plugin <= 6.1 - Privilege Escalation Vulnerability
References
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Mon, 07 Jul 2025 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 04 Jul 2025 11:30:00 +0000

Type Values Removed Values Added
Description Incorrect Privilege Assignment vulnerability in aonetheme Service Finder Booking allows Privilege Escalation. This issue affects Service Finder Booking: from n/a through 6.0.
Title WordPress Service Finder Booking <= 6.0 - Privilege Escalation Vulnerability
Weaknesses CWE-266
References
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

Wordpress Wordpress
cve-icon MITRE

Status: PUBLISHED

Assigner: Patchstack

Published:

Updated: 2026-05-12T00:28:53.077Z

Reserved: 2025-01-16T11:33:05.291Z

Link: CVE-2025-23970

cve-icon Vulnrichment

Updated: 2025-07-07T14:04:50.493Z

cve-icon NVD

Status : Deferred

Published: 2025-07-04T12:15:25.697

Modified: 2026-04-23T15:24:53.087

Link: CVE-2025-23970

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-02T08:30:26Z

Weaknesses