{"id":77555,"date":"2025-09-26T22:30:13","date_gmt":"2025-09-26T22:30:13","guid":{"rendered":""},"modified":"2025-10-10T00:14:22","modified_gmt":"2025-10-10T06:14:22","slug":"cve-2025-5955-authentication-bypass-vulnerability-in-service-finder-sms-system-plugin-for-wordpress","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-5955-authentication-bypass-vulnerability-in-service-finder-sms-system-plugin-for-wordpress\/","title":{"rendered":"<strong>CVE-2025-5955: Authentication Bypass Vulnerability in Service Finder SMS System Plugin for WordPress<\/strong>"},"content":{"rendered":"<p><strong>Overview<\/strong><\/p>\n<p>The cybersecurity landscape is a constantly evolving battlefield. One of the latest threats is the CVE-2025-5955 vulnerability found in the Service Finder SMS System plugin for WordPress. It affects all versions up to and including 2.0.0. This <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-9180-critical-same-origin-policy-bypass-vulnerability-in-firefox-and-thunderbird\/\"  data-wpil-monitor-id=\"84779\">vulnerability is critical as it allows an attacker to bypass<\/a> the authentication process and log in as any user they choose. This serious breach in security can lead to unauthorized access to sensitive information and can <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-22404-potential-system-compromise-due-to-use-after-free-vulnerability\/\"  data-wpil-monitor-id=\"85526\">potentially compromise entire systems<\/a>.<\/p>\n<p><strong>Vulnerability Summary<\/strong><\/p>\n<p>CVE ID: CVE-2025-5955<br \/>\nSeverity: High (8.1 CVSS Score)<br \/>\nAttack Vector: Network<br \/>\nPrivileges Required: None<br \/>\nUser Interaction: None<br \/>\nImpact: <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-9791-critical-vulnerability-in-tenda-ac20-16-03-08-05-leading-to-potential-system-compromise\/\"  data-wpil-monitor-id=\"84936\">Potential system<\/a> compromise or data leakage<\/p>\n<p><strong>Affected Products<\/strong><\/p><div id=\"ameeb-1725282301\" class=\"ameeb-content-2 ameeb-entity-placement\"><div style=\"border-left: 4px solid #555; padding-left: 20px; margin: 48px 0; font-family: Roboto, sans-serif; color: #ffffff; line-height: 1.6; max-width: 700px;\">\r\n  <h2 style=\"margin-top: 0; font-size: 20px; font-weight: 600; display: flex; align-items: center;\">\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\" style=\"display: inline-flex; align-items: center; margin-right: 8px;\">\r\n      <img decoding=\"async\" src=\"https:\/\/www.ameeba.com\/blog\/wp-content\/uploads\/2025\/10\/Best-App-icon-Ameeba.png\" alt=\"Ameeba Chat Icon\" style=\"width: 40px; height: 40px;\" \/>\r\n    <\/a>\r\n    A new way to communicate\r\n  <\/h2>\r\n\r\n  <p style=\"margin-bottom: 12px;\">\r\n    Ameeba Chat is built on encrypted identity, not personal profiles.\r\n  <\/p>\r\n\r\n  <p style=\"margin-bottom: 16px;\">\r\n    Message, call, share files, and coordinate with identities kept separate.\r\n  <\/p>\r\n\r\n  <ul style=\"list-style: none; padding-left: 0; margin-bottom: 20px;\">\r\n    <li>\u2022 Encrypted identity<\/li>\r\n    <li>\u2022 Ameeba Chat authenticates access<\/li>\r\n    <li>\u2022 Aliases and categories<\/li>\r\n    <li>\u2022 End-to-end encrypted chat, calls, and files<\/li>\r\n    <li>\u2022 Secure notes for sensitive information<\/li>\r\n  <\/ul>\r\n\r\n  <p style=\"font-style: italic; font-weight: 600; margin-bottom: 24px;\">\r\n    Private communication, rethought.\r\n  <\/p>\r\n\r\n  <div style=\"display: flex; flex-wrap: wrap; gap: 12px;\">\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\/download\" style=\"background-color: #ffffff; color: #000000; padding: 10px 20px; text-decoration: none; border-radius: 6px; font-weight: 500;\">Download Ameeba Chat<\/a>\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\" style=\"border: 1px solid #ffffff; color: #ffffff; padding: 10px 20px; text-decoration: none; border-radius: 6px; font-weight: 500;\">Learn More<\/a>\r\n  <\/div>\r\n<\/div>\r\n<\/div>\n<p>Product | Affected Versions<\/p>\n<p>Service Finder SMS System <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-9990-wordpress-helpdesk-integration-plugin-vulnerable-to-local-file-inclusion\/\"  data-wpil-monitor-id=\"87379\">Plugin for WordPress<\/a> | Up to and including 2.0.0<\/p>\n<p><strong>How the Exploit Works<\/strong><\/p>\n<p>The <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-27215-unauthorized-system-modification-vulnerability-in-unifi-display-cast-devices\/\"  data-wpil-monitor-id=\"84868\">vulnerability exists because the Service Finder SMS System<\/a> plugin does not properly verify a user&#8217;s phone number before allowing them to log in. An attacker can exploit this by sending a specially crafted request to the login <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-41714-critical-vulnerability-in-upload-endpoint-causing-arbitrary-file-write-and-potential-remote-code-execution\/\"  data-wpil-monitor-id=\"89515\">endpoint with an arbitrary<\/a> phone number. If the phone number is associated with a user account, the attacker is logged in as that <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-9114-critical-arbitrary-user-password-change-vulnerability-in-doccure-wordpress-theme\/\"  data-wpil-monitor-id=\"88290\">user without needing to provide a password<\/a>.<\/p>\n<p><strong>Conceptual Example Code<\/strong><\/p><div id=\"ameeb-4187269926\" class=\"ameeb-content ameeb-entity-placement\"><div class=\"poptin-embedded\" data-id=\"f6b387694f681\"><\/div>\r\n\r\n\r\n\r\n\r\n\r\n<\/div>\n<p>To <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-49532-integer-underflow-vulnerability-in-illustrator-leading-to-arbitrary-code-execution\/\"  data-wpil-monitor-id=\"86162\">illustrate the vulnerability<\/a>, consider the following conceptual example. An attacker could send an HTTP POST request to the login endpoint with an arbitrary phone number in the body of the request:<\/p>\n<pre><code class=\"\" data-line=\"\">POST \/wp-login.php HTTP\/1.1\nHost: target.example.com\nContent-Type: application\/x-www-form-urlencoded\nphone_number=1234567890<\/code><\/pre>\n<p>In this example, if there is a user associated with the phone number `1234567890`, the attacker would be logged in as that user.<\/p>\n<p><strong>Mitigation<\/strong><\/p>\n<p>Until a patch is released by the vendor, users of the Service Finder SMS <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-9780-totolink-a702r-vulnerability-could-lead-to-system-compromise\/\"  data-wpil-monitor-id=\"85141\">System plugin can mitigate the risk of this vulnerability<\/a> by implementing a Web Application Firewall (WAF) or Intrusion Detection System (IDS). These systems can analyze incoming traffic and block suspicious <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-8592-wordpress-inspiro-theme-vulnerability-to-cross-site-request-forgery-csrf\/\"  data-wpil-monitor-id=\"85399\">requests that aim to exploit this vulnerability<\/a>. Once the patch is available, it should be applied immediately to prevent further potential exploits.<br \/>\nRemember, cybersecurity is an ongoing effort. Stay <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-52461-information-leak-vulnerability-in-the-biosig-project-libbiosig-3-9-0\/\"  data-wpil-monitor-id=\"84776\">informed about the latest vulnerabilities<\/a> and ensure you apply patches and updates as soon as they are available.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Overview The cybersecurity landscape is a constantly evolving battlefield. One of the latest threats is the CVE-2025-5955 vulnerability found in the Service Finder SMS System plugin for WordPress. It affects all versions up to and including 2.0.0. This vulnerability is critical as it allows an attacker to bypass the authentication process and log in as [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"footnotes":""},"categories":[1],"tags":[],"vendor":[],"product":[],"attack_vector":[75],"asset_type":[],"severity":[],"exploit_status":[],"class_list":["post-77555","post","type-post","status-publish","format-standard","hentry","category-uncategorized","attack_vector-authentication-bypass"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/77555","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/comments?post=77555"}],"version-history":[{"count":11,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/77555\/revisions"}],"predecessor-version":[{"id":82358,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/77555\/revisions\/82358"}],"wp:attachment":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/media?parent=77555"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/categories?post=77555"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/tags?post=77555"},{"taxonomy":"vendor","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/vendor?post=77555"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/product?post=77555"},{"taxonomy":"attack_vector","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/attack_vector?post=77555"},{"taxonomy":"asset_type","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/asset_type?post=77555"},{"taxonomy":"severity","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/severity?post=77555"},{"taxonomy":"exploit_status","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/exploit_status?post=77555"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}