CVE-2025-5947 allows unauthenticated admin access in Service Finder WordPress theme versions ≤ 6.0 Over 13,800 exploit attempts observed since August; attackers actively target vulnerable sites Patching is critical; blocking five known IPs may help but won’t stop future attacks Websites running the popular Service Finder Bookings WordPress theme are being actively targeted following the discovery of a critical severity vulnerability. On July 17, Aonetheme released version 6.1 of Service Finder,