Authentication Bypass Vulnerability in Elated Themes Search & Go
CVE-2025-62064

Currently unrated

Key Information:

Vendor

WordPress
Status
Search & Go
Vendor
CVE Published:
6 November 2025

What is CVE-2025-62064?

An authentication bypass vulnerability has been identified in Elated Themes' Search & Go product, allowing attackers to exploit weaknesses in the password recovery process. This flaw permits unauthorized access to sensitive information, potentially compromising user accounts. The vulnerability specifically affects versions of Search & Go from its inception up to and including version 2.7, highlighting the importance for users to review their installations and apply necessary updates or mitigations.

Affected Version(s)

Search & Go <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Theme/searc...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Tran Nguyen Bao Khanh (VCI - VNPT Cyber Immunity) | Patchstack Bug Bounty Program
JSON
.
CVE-2025-62064 : Authentication Bypass Vulnerability in Elated Themes Search & Go