{"id":16448,"date":"2025-10-11T18:16:06","date_gmt":"2025-10-11T10:16:06","guid":{"rendered":"https:\/\/www.quape.com\/?p=16448"},"modified":"2025-10-11T18:16:06","modified_gmt":"2025-10-11T10:16:06","slug":"wordpress-service-finder-vulnerability-cve-2025-5947","status":"publish","type":"post","link":"https:\/\/www.quape.com\/zh\/wordpress-service-finder-vulnerability-cve-2025-5947\/","title":{"rendered":"WordPress \u670d\u52a1\u67e5\u627e\u5668\u6f0f\u6d1e CVE-2025-5947"},"content":{"rendered":"<div id=\"bsf_rt_marker\"><\/div><p data-start=\"272\" data-end=\"575\">\u4e00\u4e2a\u4e25\u91cd\u7684\u5b89\u5168\u6f0f\u6d1e\uff0c <strong data-start=\"307\" data-end=\"324\">CVE-2025-5947<\/strong>\uff0c\u5df2\u5728 <strong data-start=\"353\" data-end=\"380\">\u670d\u52a1\u67e5\u627e\u5668\u9884\u8ba2<\/strong> \u63d2\u4ef6\uff0c\u4e0e\u6d41\u884c\u7684 WordPress \u4e3b\u9898\u6346\u7ed1\u5728\u4e00\u8d77 <em data-start=\"439\" data-end=\"455\">\u670d\u52a1\u67e5\u627e\u5668<\/em>\u3002\u6b64\u6f0f\u6d1e\u5141\u8bb8\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u4ee5\u4efb\u4f55\u7528\u6237\u8eab\u4efd\uff08\u5305\u62ec\u7ba1\u7406\u5458\uff09\u767b\u5f55\uff0c\u800c\u65e0\u9700\u6709\u6548\u51ed\u636e\u3002<\/p>\n<p data-start=\"577\" data-end=\"782\">\u8be5\u6f0f\u6d1e\u6709\u4e00\u4e2a <strong data-start=\"601\" data-end=\"622\">CVSS\u8bc4\u5206\u4e3a9.8<\/strong> \u5e76\u4e14\u5df2\u88ab\u5e7f\u6cdb\u5229\u7528\u3002\u4f7f\u7528\u6b64\u63d2\u4ef6\u7684\u7f51\u7ad9\u5fc5\u987b\u7acb\u5373\u91c7\u53d6\u63aa\u65bd\uff0c\u4fdd\u62a4\u5176\u73af\u5883\uff0c\u9632\u6b62\u672a\u7ecf\u6388\u6743\u7684\u8bbf\u95ee\u3002<\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-transparent ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">\u76ee\u5f55<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"\u5207\u6362\u76ee\u5f55\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">\u5207\u6362<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewbox=\"0 0 24 24\" version=\"1.2\" baseprofile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1' ><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.quape.com\/zh\/wordpress-service-finder-vulnerability-cve-2025-5947\/#Understanding_the_CVE-2025-5947\" >\u4e86\u89e3 CVE-2025-5947<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.quape.com\/zh\/wordpress-service-finder-vulnerability-cve-2025-5947\/#How_the_Exploit_Works\" >\u6f0f\u6d1e\u5229\u7528\u673a\u5236<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.quape.com\/zh\/wordpress-service-finder-vulnerability-cve-2025-5947\/#Affected_Versions\" >\u53d7\u5f71\u54cd\u7684\u7248\u672c<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.quape.com\/zh\/wordpress-service-finder-vulnerability-cve-2025-5947\/#Recommended_Actions_for_Website_Owners\" >\u5efa\u8bae\u7f51\u7ad9\u6240\u6709\u8005\u91c7\u53d6\u7684\u63aa\u65bd<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.quape.com\/zh\/wordpress-service-finder-vulnerability-cve-2025-5947\/#Signs_Your_Site_Might_Be_Compromised\" >\u60a8\u7684\u7f51\u7ad9\u53ef\u80fd\u53d7\u5230\u5a01\u80c1\u7684\u8ff9\u8c61<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.quape.com\/zh\/wordpress-service-finder-vulnerability-cve-2025-5947\/#Why_This_Vulnerability_Matters\" >\u6b64\u6f0f\u6d1e\u4e3a\u4f55\u91cd\u8981<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.quape.com\/zh\/wordpress-service-finder-vulnerability-cve-2025-5947\/#Managed_WordPress_Hosting_by_QUAPE\" >\u7531 QUAPE \u7ba1\u7406\u7684 WordPress \u4e3b\u673a<\/a><\/li><\/ul><\/nav><\/div>\n<h3 data-start=\"789\" data-end=\"862\"><span class=\"ez-toc-section\" id=\"Understanding_the_CVE-2025-5947\"><\/span><strong>\u4e86\u89e3 CVE-2025-5947<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p data-start=\"864\" data-end=\"1231\">\u8fd9 <strong data-start=\"868\" data-end=\"924\">WordPress \u670d\u52a1\u67e5\u627e\u5668\u6f0f\u6d1e CVE-2025-5947<\/strong> \u5f71\u54cd\u6240\u6709\u7248\u672c\u7684 <em data-start=\"953\" data-end=\"978\">\u670d\u52a1\u67e5\u627e\u5668\u9884\u8ba2<\/em> \u63d2\u4ef6\u6700\u591a <strong data-start=\"992\" data-end=\"1007\">\u7248\u672c 6.0<\/strong>\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u63d2\u4ef6\u8d26\u6237\u5207\u6362\u529f\u80fd\u4e2d\u5bf9\u7528\u6237 Cookie \u7684\u9a8c\u8bc1\u4e0d\u5f53\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u64cd\u7eb5 Cookie \u503c\u6765\u5192\u5145\u4efb\u4f55\u7528\u6237\uff0c\u65e0\u9700\u8eab\u4efd\u9a8c\u8bc1\u5373\u53ef\u83b7\u5f97\u5b8c\u5168\u7684\u7ba1\u7406\u8bbf\u95ee\u6743\u9650\u3002<\/p>\n<p data-start=\"1233\" data-end=\"1578\">\u6839\u636e <a class=\"decorated-link\" href=\"https:\/\/www.wordfence.com\/threat-intel\/vulnerabilities\/wordpress-plugins\/sf-booking\/service-finder-bookings-60-authentication-bypass-via-user-switch-cookie?utm_source=quape.com\" target=\"_new\" rel=\"noopener\" data-start=\"1250\" data-end=\"1441\">Wordfence\u6f0f\u6d1e\u6570\u636e\u5e93<\/a>\uff0c \u8d85\u8fc7 <strong data-start=\"1448\" data-end=\"1475\">13,800\u6b21\u6f0f\u6d1e\u5229\u7528\u5c1d\u8bd5<\/strong> \u81ea 2025 \u5e74 8 \u6708\u521d\u4ee5\u6765\uff0c\u5df2\u68c0\u6d4b\u5230\u9488\u5bf9\u5c1a\u672a\u5e94\u7528\u8865\u4e01\u7684 WordPress \u7f51\u7ad9\u7684\u653b\u51fb\u3002<\/p>\n<p data-start=\"1580\" data-end=\"1738\">\u63d2\u4ef6\u5f00\u53d1\u8005\u53d1\u5e03\u4e86\u4e00\u4e2a\u4fee\u590d\u7248\u672c\uff08<strong data-start=\"1627\" data-end=\"1634\">6.1<\/strong>\uff09 \u5728 <strong data-start=\"1639\" data-end=\"1656\">2025\u5e747\u670817\u65e5<\/strong>\uff0c\u5f7b\u5e95\u89e3\u51b3\u4e86\u8be5\u6f0f\u6d1e\u3002\u6240\u6709\u4e4b\u524d\u7684\u7248\u672c\u4ecd\u7136\u5b58\u5728\u6f0f\u6d1e\u3002<\/p>\n<h3 data-start=\"1745\" data-end=\"1769\"><span class=\"ez-toc-section\" id=\"How_the_Exploit_Works\"><\/span><strong>\u6f0f\u6d1e\u5229\u7528\u673a\u5236<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p data-start=\"1771\" data-end=\"2066\">\u8be5\u63d2\u4ef6\u5305\u542b\u4e00\u4e2a\u5e10\u6237\u5207\u6362\u529f\u80fd\uff0c\u8be5\u529f\u80fd\u4f7f\u7528 Cookie \u5728\u7528\u6237\u5e10\u6237\u4e4b\u95f4\u4e34\u65f6\u5207\u6362\u3002\u7531\u4e8e\u7f3a\u5c11\u9a8c\u8bc1\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u6784\u9020\u4e00\u4e2a\u6a21\u62df\u5408\u6cd5\u4f1a\u8bdd\u7684\u6076\u610f Cookie\u3002\u8fd9\u4f7f\u5f97\u4ed6\u4eec\u65e0\u9700\u63d0\u4f9b\u6709\u6548\u51ed\u8bc1\u5373\u53ef\u8bbf\u95ee\u7ba1\u7406\u4eea\u8868\u677f\u3002<\/p>\n<p data-start=\"2068\" data-end=\"2100\">\u5e38\u89c1\u7684\u653b\u51fb\u8005\u884c\u4e3a\u5305\u62ec\uff1a<\/p>\n<ol data-start=\"2101\" data-end=\"2363\">\n<li data-start=\"2101\" data-end=\"2147\">\n<p data-start=\"2103\" data-end=\"2147\">\u4e0a\u4f20\u6076\u610f PHP \u6587\u4ef6\u6216 webshell<\/p>\n<\/li>\n<li data-start=\"2148\" data-end=\"2186\">\n<p data-start=\"2150\" data-end=\"2186\">\u5b89\u88c5\u6076\u610f\u63d2\u4ef6\u6216\u4e3b\u9898<\/p>\n<\/li>\n<li data-start=\"2187\" data-end=\"2245\">\n<p data-start=\"2189\" data-end=\"2245\">\u5c06\u7528\u6237\u91cd\u5b9a\u5411\u5230\u9493\u9c7c\u7f51\u7ad9\u6216\u6076\u610f\u8f6f\u4ef6\u6258\u7ba1\u7f51\u7ad9<\/p>\n<\/li>\n<li data-start=\"2246\" data-end=\"2307\">\n<p data-start=\"2248\" data-end=\"2307\">\u521b\u5efa\u65b0\u7684\u7ba1\u7406\u5458\u5e10\u6237\u4ee5\u5b9e\u73b0\u6301\u4e45\u8bbf\u95ee<\/p>\n<\/li>\n<li data-start=\"2308\" data-end=\"2363\">\n<p data-start=\"2310\" data-end=\"2363\">\u6cc4\u9732\u654f\u611f\u6570\u636e\u6216\u5ba2\u6237\u4fe1\u606f<\/p>\n<\/li>\n<\/ol>\n<p data-start=\"2365\" data-end=\"2493\">\u8fd9\u79cd\u6f0f\u6d1e\u7279\u522b\u5371\u9669\uff0c\u56e0\u4e3a\u5b83\u5b8c\u5168\u7ed5\u8fc7\u8eab\u4efd\u9a8c\u8bc1\uff0c\u5728\u6807\u51c6\u767b\u5f55\u65e5\u5fd7\u4e2d\u51e0\u4e4e\u4e0d\u7559\u4e0b\u4efb\u4f55\u75d5\u8ff9\u3002<\/p>\n<h3 data-start=\"2500\" data-end=\"2520\"><span class=\"ez-toc-section\" id=\"Affected_Versions\"><\/span><strong>\u53d7\u5f71\u54cd\u7684\u7248\u672c<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ul data-start=\"2522\" data-end=\"2631\">\n<li data-start=\"2522\" data-end=\"2592\">\n<p data-start=\"2524\" data-end=\"2592\"><strong data-start=\"2524\" data-end=\"2539\">\u6613\u53d7\u4f24\u5bb3\u7684\uff1a<\/strong> \u670d\u52a1\u67e5\u627e\u5668\u9884\u8ba2\u7248\u672c <strong data-start=\"2573\" data-end=\"2590\">6.0 \u53ca\u4ee5\u4e0b<\/strong><\/p>\n<\/li>\n<li data-start=\"2593\" data-end=\"2631\">\n<p data-start=\"2595\" data-end=\"2631\"><strong data-start=\"2595\" data-end=\"2605\">\u56fa\u5b9a\u7684\uff1a<\/strong> \u7248\u672c <strong data-start=\"2614\" data-end=\"2631\">6.1 \u53ca\u66f4\u9ad8\u7248\u672c<\/strong><\/p>\n<\/li>\n<\/ul>\n<p data-start=\"2633\" data-end=\"2740\">\u8fd0\u884c\u65e7\u7248\u672c\u7684\u7f51\u7ad9\u5e94\u7acb\u5373\u66f4\u65b0\u6216\u7981\u7528\u8be5\u63d2\u4ef6\uff0c\u76f4\u5230\u5e94\u7528\u8865\u4e01\u4e3a\u6b62\u3002<\/p>\n<h3 data-start=\"2747\" data-end=\"2788\"><span class=\"ez-toc-section\" id=\"Recommended_Actions_for_Website_Owners\"><\/span><strong>\u5efa\u8bae\u7f51\u7ad9\u6240\u6709\u8005\u91c7\u53d6\u7684\u63aa\u65bd<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p data-start=\"2790\" data-end=\"2900\">\u8fd0\u884c Service Finder \u4e3b\u9898\u7684\u7f51\u7ad9\u6240\u6709\u8005\u5e94\u91c7\u53d6\u4ee5\u4e0b\u6b65\u9aa4\u6765\u7f13\u89e3 <strong data-start=\"2882\" data-end=\"2899\">CVE-2025-5947<\/strong>:<\/p>\n<ol data-start=\"2902\" data-end=\"3416\">\n<li data-start=\"2902\" data-end=\"2958\">\n<p data-start=\"2905\" data-end=\"2958\"><strong data-start=\"2905\" data-end=\"2915\">\u66f4\u65b0<\/strong> \u5230\u7248\u672c <strong data-start=\"2927\" data-end=\"2944\">6.1 \u6216\u66f4\u9ad8\u7248\u672c<\/strong> \u7acb\u5373\u5730<\/p>\n<\/li>\n<li data-start=\"2959\" data-end=\"3030\">\n<p data-start=\"2962\" data-end=\"3030\"><strong data-start=\"2962\" data-end=\"2999\">\u67e5\u770b\u6240\u6709\u7ba1\u7406\u5458\u5e10\u6237<\/strong> \u5e76\u5220\u9664\u6240\u6709\u672a\u77e5\u7528\u6237<\/p>\n<\/li>\n<li data-start=\"3031\" data-end=\"3097\">\n<p data-start=\"3034\" data-end=\"3097\"><strong data-start=\"3034\" data-end=\"3064\">\u66f4\u6539\u6240\u6709\u7ba1\u7406\u5458\u5bc6\u7801<\/strong> \u5e76\u4f7f\u6d3b\u52a8\u4f1a\u8bdd\u65e0\u6548<\/p>\n<\/li>\n<li data-start=\"3098\" data-end=\"3174\">\n<p data-start=\"3101\" data-end=\"3174\"><strong data-start=\"3101\" data-end=\"3134\">\u626b\u63cf\u53ef\u7591\u7684 PHP \u6587\u4ef6<\/strong>\uff0c\u5c24\u5176\u662f\u5728 <code data-start=\"3150\" data-end=\"3172\">\/wp-content\/uploads\/<\/code><\/p>\n<\/li>\n<li data-start=\"3175\" data-end=\"3248\">\n<p data-start=\"3178\" data-end=\"3248\"><strong data-start=\"3178\" data-end=\"3203\">\u4f7f\u7528\u6076\u610f\u8f6f\u4ef6\u626b\u63cf\u7a0b\u5e8f<\/strong> \u50cf Sucuri \u6216 MalCare \u4e00\u6837\u68c0\u6d4b\u540e\u95e8<\/p>\n<\/li>\n<li data-start=\"3249\" data-end=\"3329\">\n<p data-start=\"3252\" data-end=\"3329\"><strong data-start=\"3252\" data-end=\"3295\">\u542f\u7528 Web \u5e94\u7528\u7a0b\u5e8f\u9632\u706b\u5899 (WAF)<\/strong> \u9632\u6b62\u8fdb\u4e00\u6b65\u7684\u5265\u524a<\/p>\n<\/li>\n<li data-start=\"3330\" data-end=\"3416\">\n<p data-start=\"3333\" data-end=\"3416\"><strong data-start=\"3333\" data-end=\"3356\">\u76d1\u63a7\u8bbf\u95ee\u65e5\u5fd7<\/strong> \u67e5\u627e\u5f02\u5e38\u767b\u5f55\u6d3b\u52a8\uff0c\u5c24\u5176\u662f\u6765\u81ea\u672a\u77e5 IP \u7684\u767b\u5f55\u6d3b\u52a8<\/p>\n<\/li>\n<\/ol>\n<p data-start=\"3418\" data-end=\"3512\">\u5982\u679c\u68c0\u6d4b\u5230\u4efb\u4f55\u635f\u5bb3\uff0c\u8bf7\u4ece\u5e72\u51c0\u7684\u5907\u4efd\u6062\u590d\u7ad9\u70b9\u5e76\u91cd\u7f6e\u6240\u6709\u51ed\u636e\u3002<\/p>\n<h3 data-start=\"3519\" data-end=\"3558\"><span class=\"ez-toc-section\" id=\"Signs_Your_Site_Might_Be_Compromised\"><\/span><strong>\u60a8\u7684\u7f51\u7ad9\u53ef\u80fd\u53d7\u5230\u5a01\u80c1\u7684\u8ff9\u8c61<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p data-start=\"3560\" data-end=\"3589\">\u6f5c\u5728\u6307\u6807\u5305\u62ec\uff1a<\/p>\n<ul data-start=\"3590\" data-end=\"3818\">\n<li data-start=\"3590\" data-end=\"3651\">\n<p data-start=\"3592\" data-end=\"3651\">\u7528\u6237\u5217\u8868\u4e2d\u51fa\u73b0\u672a\u77e5\u7ba1\u7406\u5458\u5e10\u6237<\/p>\n<\/li>\n<li data-start=\"3652\" data-end=\"3705\">\n<p data-start=\"3654\" data-end=\"3705\">\u672a\u7ecf\u6388\u6743\u7684\u91cd\u5b9a\u5411\u6216\u7f51\u7ad9\u5185\u5bb9\u7684\u66f4\u6539<\/p>\n<\/li>\n<li data-start=\"3706\" data-end=\"3760\">\n<p data-start=\"3708\" data-end=\"3760\">\u65b0\u7684 PHP \u6587\u4ef6\u5df2\u6dfb\u52a0\u5230\u4e3b\u9898\u6216\u4e0a\u4f20\u76ee\u5f55<\/p>\n<\/li>\n<li data-start=\"3761\" data-end=\"3818\">\n<p data-start=\"3763\" data-end=\"3818\">\u7a81\u7136\u51fa\u73b0\u6027\u80fd\u95ee\u9898\u6216\u5f02\u5e38\u7f51\u7edc\u6d3b\u52a8<\/p>\n<\/li>\n<\/ul>\n<p data-start=\"3820\" data-end=\"3885\">\u65e9\u671f\u68c0\u6d4b\u53ef\u4ee5\u9632\u6b62\u66f4\u5927\u89c4\u6a21\u7684\u7834\u574f\u6216\u6570\u636e\u6cc4\u9732\u3002<\/p>\n<h3 data-start=\"3892\" data-end=\"3925\"><span class=\"ez-toc-section\" id=\"Why_This_Vulnerability_Matters\"><\/span><strong>\u6b64\u6f0f\u6d1e\u4e3a\u4f55\u91cd\u8981<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p data-start=\"3927\" data-end=\"4243\">Service Finder \u4e3b\u9898\u88ab\u5e7f\u6cdb\u4f7f\u7528 <strong data-start=\"3970\" data-end=\"4031\">\u5c0f\u578b\u4f01\u4e1a\u3001\u9884\u8ba2\u673a\u6784\u548c\u670d\u52a1\u63d0\u4f9b\u5546<\/strong> \u5168\u7403\u8303\u56f4\u5185\u3002\u5b83\u7684\u6d41\u884c\u4f7f\u5176\u6210\u4e3a\u653b\u51fb\u8005\u5927\u89c4\u6a21\u5165\u4fb5 WordPress \u7f51\u7ad9\u7684\u9996\u8981\u76ee\u6807\u3002\u6210\u529f\u5229\u7528\u6b64\u6f0f\u6d1e\u53ef\u80fd\u5bfc\u81f4 <strong data-start=\"4178\" data-end=\"4242\">\u6570\u636e\u88ab\u76d7\u3001\u670d\u52a1\u4e2d\u65ad\u3001\u54c1\u724c\u58f0\u8a89\u53d7\u635f<\/strong>.<\/p>\n<p data-start=\"4245\" data-end=\"4433\">\u7ef4\u62a4 WordPress \u5b89\u5168\u9700\u8981 <strong data-start=\"4285\" data-end=\"4372\">\u5b9a\u671f\u66f4\u65b0\u3001\u4e3b\u52a8\u6f0f\u6d1e\u76d1\u63a7\u548c\u81ea\u52a8\u8865\u4e01\u7ba1\u7406<\/strong>\uff0c\u5c24\u5176\u662f\u5bf9\u4e8e\u4f9d\u8d56\u5728\u7ebf\u4e1a\u52a1\u7684\u4f01\u4e1a\u800c\u8a00\u3002<\/p>\n<h3 data-start=\"4440\" data-end=\"4529\"><span class=\"ez-toc-section\" id=\"Managed_WordPress_Hosting_by_QUAPE\"><\/span><strong>WordPress \u6258\u7ba1\u670d\u52a1\u5546 <a class=\"decorated-link\" href=\"https:\/\/www.quape.com\/zh\/hosting\/wordpress-hosting\/\" target=\"_new\" rel=\"noopener\" data-start=\"4472\" data-end=\"4529\">QUAPE<\/a><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p data-start=\"4531\" data-end=\"4816\">\u5728 <strong data-start=\"4534\" data-end=\"4595\"><a class=\"decorated-link\" href=\"https:\/\/www.quape.com\/zh\/hosting\/wordpress-hosting\/\" target=\"_new\" rel=\"noopener\" data-start=\"4536\" data-end=\"4593\">QUAPE<\/a><\/strong>\uff0c\u6211\u4eec\u63d0\u4f9b <strong data-start=\"4608\" data-end=\"4637\">\u6258\u7ba1 WordPress \u4e3b\u673a<\/strong> \u4fdd\u62a4\u5e76\u4f18\u5316\u60a8\u7684\u7f51\u7ad9\u3002\u6211\u4eec\u7684\u56e2\u961f\u76d1\u63a7\u4ee5\u4e0b\u6f0f\u6d1e <strong data-start=\"4715\" data-end=\"4732\">CVE-2025-5947<\/strong>\uff0c\u4e3b\u52a8\u5e94\u7528\u8865\u4e01\uff0c\u5e76\u786e\u4fdd\u60a8\u7684\u7f51\u7ad9\u4fdd\u6301\u53d7\u4fdd\u62a4\u548c\u6700\u65b0\u72b6\u6001\u3002<\/p>\n<p data-start=\"4818\" data-end=\"4857\">\u6211\u4eec\u7684\u6258\u7ba1 WordPress \u670d\u52a1\u5305\u62ec\uff1a<\/p>\n<ul data-start=\"4858\" data-end=\"5148\">\n<li data-start=\"4858\" data-end=\"4919\">\n<p data-start=\"4860\" data-end=\"4919\">WordPress \u6838\u5fc3\u3001\u4e3b\u9898\u548c\u63d2\u4ef6\u7684\u81ea\u52a8\u66f4\u65b0<\/p>\n<\/li>\n<li data-start=\"4920\" data-end=\"4967\">\n<p data-start=\"4922\" data-end=\"4967\">\u5b9e\u65f6\u6076\u610f\u8f6f\u4ef6\u9632\u62a4\u548c\u76d1\u63a7<\/p>\n<\/li>\n<li data-start=\"4968\" data-end=\"5014\">\n<p data-start=\"4970\" data-end=\"5014\">\u6bcf\u65e5\u5907\u4efd\u548c\u5feb\u901f\u6062\u590d\u652f\u6301<\/p>\n<\/li>\n<li data-start=\"5015\" data-end=\"5068\">\n<p data-start=\"5017\" data-end=\"5068\">Web\u5e94\u7528\u7a0b\u5e8f\u9632\u706b\u5899\u548c\u5165\u4fb5\u9632\u5fa1<\/p>\n<\/li>\n<li data-start=\"5069\" data-end=\"5119\">\n<p data-start=\"5071\" data-end=\"5119\">\u6027\u80fd\u4f18\u5316\u548c\u6b63\u5e38\u8fd0\u884c\u65f6\u95f4\u76d1\u63a7<\/p>\n<\/li>\n<li data-start=\"5120\" data-end=\"5148\">\n<p data-start=\"5122\" data-end=\"5148\">\u4e13\u95e8\u7684\u4e13\u5bb6\u652f\u6301<\/p>\n<\/li>\n<\/ul>\n<p data-start=\"5150\" data-end=\"5359\">\u4e0e\u2026\u2026\u5408\u4f5c <strong data-start=\"5166\" data-end=\"5175\">QUAPE<\/strong> \u786e\u4fdd\u60a8\u7684 WordPress \u7f51\u7ad9\u514d\u53d7\u91cd\u5927\u5a01\u80c1\u7684\u4fb5\u5bb3\uff0c\u540c\u65f6\u4fdd\u6301\u6700\u4f73\u6027\u80fd\u3002\u4e86\u89e3\u66f4\u591a\u4fe1\u606f\uff0c\u8bf7\u8bbf\u95ee <a class=\"decorated-link\" href=\"https:\/\/www.quape.com\/zh\/hosting\/wordpress-hosting\/\" target=\"_new\" rel=\"noopener\" data-start=\"5297\" data-end=\"5358\">quape.com<\/a>.<\/p>","protected":false},"excerpt":{"rendered":"<p>A critical security vulnerability, CVE-2025-5947, has been discovered in the Service Finder Bookings plugin, which is bundled with the popular WordPress theme Service Finder. This flaw allows unauthenticated attackers to log in as any user, including administrators, without valid credentials. The vulnerability has a CVSS score of 9.8 and has been actively exploited in the [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":16460,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[93,9,10],"tags":[426,427,429,156,428],"class_list":["post-16448","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","category-hosting","category-wordpress-news-learning","tag-cve-2025-5947","tag-service-finder-bookings-plugin","tag-wordpress-exploit","tag-wordpress-security","tag-wordpress-vulnerability"],"_links":{"self":[{"href":"https:\/\/www.quape.com\/zh\/wp-json\/wp\/v2\/posts\/16448","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.quape.com\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.quape.com\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.quape.com\/zh\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.quape.com\/zh\/wp-json\/wp\/v2\/comments?post=16448"}],"version-history":[{"count":0,"href":"https:\/\/www.quape.com\/zh\/wp-json\/wp\/v2\/posts\/16448\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.quape.com\/zh\/wp-json\/wp\/v2\/media\/16460"}],"wp:attachment":[{"href":"https:\/\/www.quape.com\/zh\/wp-json\/wp\/v2\/media?parent=16448"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.quape.com\/zh\/wp-json\/wp\/v2\/categories?post=16448"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.quape.com\/zh\/wp-json\/wp\/v2\/tags?post=16448"}],"curies":[{"name":"\u53ef\u6e7f\u6027\u7c89\u5242","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}