Service Finder Bookings WordPress Plugin Privilege Escalation Vulnerability via Account Takeover
Vulnerability
A privilege escalation vulnerability allowing account takeover has been identified in the Service Finder Bookings plugin for WordPress, affecting all versions prior to 6.1. The vulnerability arises because the plugin fails to properly validate a user's identity before allowing changes to account details such as email addresses. This flaw enables authenticated attackers with subscriber-level access or higher to modify the email addresses of any user, including administrators. Once the email address is changed, the attacker can reset the user's password and gain access to their account.
Impact
Exploitation of this vulnerability allows for unauthorized access to user accounts, including those of administrators, by changing email addresses and resetting passwords.
Remediation
Users are advised to update the Service Finder Bookings plugin to version 6.1 or later.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.