CVE-2025-6717 – WordPress B1.lt Plugin SQL Injection Vulnerability

July 18, 2025

CVE ID : CVE-2025-6717

Published : July 18, 2025, 6:15 a.m. | 4 hours, 42 minutes ago

Description : The B1.lt plugin for WordPress is vulnerable to SQL Injection via the ‘id’ parameter in all versions up to, and including, 2.2.56 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-7643 – WordPress Attachment Manager Remote File Deletion Vulnerability

Next Article CVE-2025-6726 – WordPress Block Editor Gallery Slider Unauthenticated Post Meta Modification Vulnerability

Why Non-Native Content Designers Improve Global UX

DevOps won’t scale without platform engineering and here’s why your teams are still stuck

This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

Report: 71% of tech leaders won’t hire devs without AI skills

Could OpenAI’s rumored browser be a Chrome-killer? Here’s what I’m expecting

My favorite lens and screen-cleaning kit keeps my tech spotless, and it only costs $8

AI’s biggest impact on your workforce is still to come – 3 ways to avoid getting left behind

Remedy offers update on ‘FBC: Firebreak,’ details coming improvements — “We’ve seen many players come into the game and leave within the first hour.”

The details of TC39’s last meeting

The details of TC39’s last meeting

Online Examination System using PHP and MySQL

A tricky, educational quiz: it’s about time..

CAD Sketcher – constraint-based geometry sketcher

CAD Sketcher – constraint-based geometry sketcher

7 Best Free and Open Source Linux FTP Servers

Best Free and Open Source Alternatives to Autodesk FBX Review

CVE-2025-6717 – WordPress B1.lt Plugin SQL Injection Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

Is AI just hype? This report claims bots like Microsoft Copilot aren’t replacing humans, increasing wages, or even saving time

WhatsApp Adds Advanced Chat Privacy to Blocks Chat Exports and Auto-Downloads

Hackers Actively Exploiting Fortigate Vulnerabilities to Deploy Qilin Ransomware

Silent Hill 2 remake developer’s new game Cronos: The New Dawn gets gameplay trailer

The Gap Strikes Back: Now Stylable

007 First Light shows off a new take on James Bond, and it’s coming to Xbox and PC in 2026

SatIntel is a OSINT tool for satellite reconnaissance

CVE-2025-26646 – Microsoft .NET Path Traversal Spoofing

CVE-2025-6717 – WordPress B1.lt Plugin SQL Injection Vulnerability

Related Posts