Why this matters
WordPress powers millions of websites — from small business pages in Lagos to tech blogs and online stores across Nigeria. But every so often, a single overlooked update can open the door to hackers who know exactly where to look. That’s what’s happening right now with a popular WordPress theme used around the world — and yes, it could be affecting local sites too.
What’s happening?
If your website runs on WordPress, and you’re using the Service Finder theme, please go and update it right now.
A critical security flaw has been discovered in the Service Finder Bookings plugin (bundled with the theme). The bug, tracked as CVE-2025-5947, allows attackers to bypass login security and gain access to any account on the site — even the administrator account.
In plain terms, someone could hijack your entire site with almost no effort.
How the hack works
The issue comes from poor validation of user cookies during the account switching process. The plugin fails to verify them properly, which gives hackers a way to trick the system into logging them in as any user — no password required.
Once they’re in, they can do a lot of damage:
- Insert malicious code or redirect your visitors to fake sites
- Upload and spread malware
- Use your hosting account for shady online activities
Who discovered it?
According to Wordfence researcher István Márton, every version of the Service Finder theme up to 6.0 is affected. The developers patched the issue on July 17, 2025, with the release of version 6.1.
Unfortunately, attackers have already been exploiting this flaw since early August. More than 13,800 attempts have been detected globally, according to The Hacker News.
Known attacker IP addresses
- 5.189.221.98
- 185.109.21.157
- 192.121.16.196
- 194.68.32.71
- 178.125.204.198
What you should do now
If you manage any WordPress sites — especially client sites — here’s what to do immediately:
- Update everything (theme and all plugins).
- Check your logs for strange activity or unknown users.
- Enable two-factor authentication for admin logins.
- Back up your site in case anything goes wrong.
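One way to carry out the log check, as an added example that is not from the original article or from Wordfence: it scans a web server access log for requests from the addresses listed above. It assumes Combined Log Format (the Apache/Nginx default); the function name and the sample lines are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# Source addresses this page lists under "Known attacker IP addresses".
KNOWN_ATTACKER_IPS = {"5.189.221.98", "185.109.21.157", "192.121.16.196",
                      "194.68.32.71", "178.125.204.198"}
# /wp-admin/ endpoints WordPress serves without a login; a 200 here proves nothing.
ANON_ADMIN = ("admin-ajax.php", "admin-post.php", "load-styles.php", "load-scripts.php")
# Combined Log Format: ip ident user [time] "METHOD path proto" status ...
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                     r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) ')

def scan(lines):
    """Summarise requests from the listed addresses: count, first/last seen,
    and dashboard pages that returned 200 (candidates for a hijacked session)."""
    hits = defaultdict(lambda: {"count": 0, "first": None, "last": None, "admin_ok": []})
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["ip"] not in KNOWN_ATTACKER_IPS:
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        h = hits[m["ip"]]
        h["count"] += 1
        h["first"] = ts if h["first"] is None else min(h["first"], ts)
        h["last"] = ts if h["last"] is None else max(h["last"], ts)
        page = m["path"].split("?", 1)[0]
        # Anonymous requests for dashboard pages normally get a 302 to the login
        # form, so a 200 on one from a listed address needs a closer look.
        if (page.startswith("/wp-admin/") and page.endswith((".php", "/"))
                and not page.endswith(ANON_ADMIN) and m["status"] == "200"):
            h["admin_ok"].append(page)
    return dict(hits)

# Constructed sample lines (not real traffic); 203.0.113.7 is a documentation address.
SAMPLE_LOG = [
    '203.0.113.7 - - [02/Aug/2025:09:14:01 +0100] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '5.189.221.98 - - [03/Aug/2025:22:41:10 +0100] "GET / HTTP/1.1" 302 0 "-" "curl/8.0"',
    '5.189.221.98 - - [03/Aug/2025:22:41:12 +0100] "GET /wp-admin/users.php HTTP/1.1" 200 48211 "-" "curl/8.0"',
    '194.68.32.71 - - [05/Aug/2025:03:02:55 +0100] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 31 "-" "curl/8.0"',
]

if __name__ == "__main__":
    for ip, h in scan(SAMPLE_LOG).items():
        print(ip, h["count"], h["first"].isoformat(), h["last"].isoformat(), h["admin_ok"])
```

An empty result does not clear a site, since attackers can use addresses that are not on this list; treat any entry in `admin_ok` as a reason to audit user accounts and recent changes.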
Why it matters
The Service Finder theme has been sold to over 6,100 customers on Envato Market, so it’s widely used. If you’re a Nigerian web developer or run a small business site, you could be exposed if you haven’t updated yet.
Cyber threats aren’t bound by location — they target weakness, not geography. Don’t wait for a hack alert to act; update your site now and stay secure.
SignOnHost is already ahead of this
Our hosting partner, SignOnHost, has taken proactive steps to secure all WordPress sites on their servers. Their system continuously monitors for vulnerable plugins and enforces security patches where necessary to prevent exploitation of issues like this.
Source: The Hacker News – “Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme” (Oct 9, 2025) by Ravie Lakshmanan