20 matches found
CVE-2025-5955
The Service Finder SMS System plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.0.0. This is due to the plugin not verifying a user's phone number before logging them in. This makes it possible for unauthenticated attackers to login as arbitrary...
CVE-2025-5955 Service Finder SMS System <= 2.0.0 - Authentication Bypass
The Service Finder SMS System plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.0.0. This is due to the plugin not verifying a user's phone number before logging them in. This makes it possible for unauthenticated attackers to login as arbitrary...
CVE-2025-5955 Service Finder SMS System <= 2.0.0 - Authentication Bypass
The Service Finder SMS System plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.0.0. This is due to the plugin not verifying a user's phone number before logging them in. This makes it possible for unauthenticated attackers to login as arbitrary...
CVE-2025-5955
CVE-2025-5955 affects the WordPress Service Finder SMS System plugin. The vulnerability is an authentication bypass caused by the plugin not verifying a user’s phone number during login, impacting all versions up to 2.0.0. Wordfence cites an 8.1 CVSS (HIGH) with network attack vector, no privileg...
PT-2025-38510
Name of the Vulnerable Software and Affected Versions Service Finder SMS System plugin for WordPress versions prior to 2.1.0 Description The Service Finder SMS System plugin for WordPress does not verify a user's phone number before logging them in, leading to authentication bypass. This allows...
WordPress plugin Service Finder SMS System security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
WordPress Service Finder SMS System plugin <= 2.0.0 - Authentication Bypass vulnerability
Authentication Bypass vulnerability discovered by Foxyyy in WordPress Plugin Service Finder SMS System versions = 2.0.0...
WordPress Service Finder SMS System plugin elevation of privilege vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. An elevation of privilege vulnerability exists in the WordPress Service Finder SMS System plugin that originates from an account takeover and can be exploited by an attacker to...
CVE-2025-5954
The Service Finder SMS System plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.0.0. This is due to the plugin not restricting user role selection at the time of registration through the aonesmsfnsavedataaftersignup function...
CVE-2025-5954
CVE-2025-5954 affects the WordPress plugin Service Finder SMS System (versions
CVE-2025-5954 Service Finder SMS System <= 2.0.0 - Unauthenticated Privilege Escalation
The Service Finder SMS System plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.0.0. This is due to the plugin not restricting user role selection at the time of registration through the aonesmsfnsavedataaftersignup function...
PT-2025-31596 · WordPress · Service Finder Sms System
Name of the Vulnerable Software and Affected Versions: Service Finder SMS System plugin for WordPress versions prior to 2.0.1 Description: The Service Finder SMS System plugin for WordPress is susceptible to privilege escalation, allowing unauthenticated attackers to register as administrator...
WordPress plugin Service Finder SMS System 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. An elevation of privilege vulnerability exists in the WordPress Service Finder SMS System plugin that originates from an account takeover and can be exploited by an attacker to...
ASB-A-207479207
ismsEx service is a vendor service in unisoc equipment。ismsEx service is an extension of sms system service,but it does not check the permissions of the caller,resulting in permission leaks。Third-party apps can use this service to arbitrarily modify and set system properties。...
Researchers Demonstrate How to Hack Any TikTok Account by Sending SMS
TikTok , the 3rd most downloaded app in 2019, is under intense scrutiny over users' privacy, censoring politically controversial content and on national-security grounds—but it's not over yet, as the security of billions of TikTok users would be now under question. The famous Chinese viral...
CVE-2016-0865
Tollgrade SmartGrid LightHouse Sensor Management System SMS Software EMS before 5.1, and 4.1.0 Build 16, allows remote authenticated users to change arbitrary passwords via unspecified vectors...
Flirt Matching SMS System <= SQL Injection Exploit
No description provided by source...
Flirt Matching SMS System SQL Injection
----------------------------Information------------------------------------------------ +Name : Flirt Matching SMS System = SQL Injection Exploit +Autor : Easy Laster +Date : 26.03.2010 +Script : Flirt Matching SMS System +Download : ------------------ +Demo : http://phpspezial.de/singel/ +Price ...
Flirt Matching Sms System - SQL Injection
----------------------------Information------------------------------------------------ +Name : Flirt Matching SMS System = SQL Injection Exploit +Autor : Easy Laster +Date : 26.03.2010 +Script : Flirt Matching SMS System +Download : ------------------ +Demo : http://phpspezial.de/singel/ +Price ...
Flirt Matching SMS System <= SQL Injection Exploit
Exploit for php platform in category web applications ================================================== Flirt Matching SMS System = SQL Injection Exploit ================================================== ----------------------------Information------------------------------------------------ +Na...