6 matches found
WordPress Service Finder Bookings plugin <= 5.1 - Unauthenticated Privilege Escalation via 'nsl_registration_store_extra_input' vulnerability
Unauthenticated Privilege Escalation via 'nslregistrationstoreextrainput' vulnerability discovered by Alyudin Nafiie in WordPress Plugin Service Finder Booking versions = 5.1...
CVE-2025-2470
The Service Finder Bookings plugin for WordPress, used by the Service Finder - Directory and Job Board WordPress Theme, is vulnerable to privilege escalation in all versions up to, and including, 5.1. This is due to a lack of restriction on user role in the 'nslregistrationstoreextrainput'...
CVE-2025-2470
creationtimestamp| type| source ---|---|--- 2025-04-25 12:09:52+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13406 2025-04-25 13:19:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnncroikpk2a 2025-04-25 13:48:43+00:00| seen|...
CVE-2025-2470 Service Finder Bookings <= 5.1 - Unauthenticated Privilege Escalation via 'nsl_registration_store_extra_input'
The Service Finder Bookings plugin for WordPress, used by the Service Finder - Directory and Job Board WordPress Theme, is vulnerable to privilege escalation in all versions up to, and including, 5.1. This is due to a lack of restriction on user role in the 'nslregistrationstoreextrainput'...
CVE-2025-2470 Service Finder Bookings <= 5.1 - Unauthenticated Privilege Escalation via 'nsl_registration_store_extra_input'
The Service Finder Bookings plugin for WordPress, used by the Service Finder - Directory and Job Board WordPress Theme, is vulnerable to privilege escalation in all versions up to, and including, 5.1. This is due to a lack of restriction on user role in the 'nslregistrationstoreextrainput'...
CVE-2025-2470
CVE-2025-2470 affects the WordPress plugin Service Finder Bookings (versions up to 5.1). TheRoot cause is a missing restriction on user roles in the function nsl_registration_store_extra_input , allowing unauthenticated attackers to register accounts with arbitrary roles (including Administrator)...