CVE Details
Basic Information
| Title | Service Finder SMS System <= 2.0.0 - Unauthenticated Privilege Escalation |
|---|---|
| Type | cve |
| Published | 2025-08-01T02:24:17.625Z |
| Modified | 2025-08-01T02:24:17.625Z |
Product Information
| Vendor | aonetheme |
|---|---|
| Product | Service Finder SMS System |
| Version | * |
CVSS Information
| Base Score | 9.8 (CRITICAL) |
|---|---|
| Attack Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
AI Analysis
| AI Description | The Service Finder SMS System WordPress plugin is vulnerable to unauthenticated privilege escalation due to improper user role restrictions during registration. Attackers can exploit this to create administrator accounts, leading to full system control. |
|---|---|
| AI Severity | Critical |
| AI Vendor | aonetheme |
| AI Product | Service Finder SMS System |
| AI Version | Up to 2.0.0 |
Affected Products
- aonetheme Service Finder SMS System *
Additional Information
| CWE List | CWE-269 |
|---|---|
| Source | Wordfence |
Description
The Service Finder SMS System plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.0.0. This is due to the plugin not restricting user role selection at the time of registration through the aonesms_fn_savedata_after_signup() function. This makes it possible for unauthenticated attackers to register as an administrator user.