CVE-2025-6718 – B1.lt WordPress SQL Injection

July 18, 2025

CVE ID : CVE-2025-6718

Published : July 18, 2025, 6:15 a.m. | 4 hours, 42 minutes ago

Description : The B1.lt plugin for WordPress is vulnerable to SQL Injection due to a missing capability check on the b1_run_query AJAX action in all versions up to, and including, 2.2.56. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute and run arbitrary SQL commands.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6719 – WordPress Terms Descriptions Stored Cross-Site Scripting Vulnerability

Next Article CVE-2025-6222 – “WooCommerce Refund And Exchange with RMA – Warranty Management, Refund Policy, Manage User Wallet Arbitrary File Upload Vulnerability”

Why Non-Native Content Designers Improve Global UX

DevOps won’t scale without platform engineering and here’s why your teams are still stuck

This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

Report: 71% of tech leaders won’t hire devs without AI skills

Remedy offers update on ‘FBC: Firebreak,’ details coming improvements — “We’ve seen many players come into the game and leave within the first hour.”

I ran with Samsung’s Galaxy Watch 8 Classic, and it both humbled and motivated me

You can finally move Chrome’s address bar on Android – here’s how

Is your Ring camera showing strange logins? Here’s what’s going on

The details of TC39’s last meeting

The details of TC39’s last meeting

Online Examination System using PHP and MySQL

A tricky, educational quiz: it’s about time..

Remedy offers update on ‘FBC: Firebreak,’ details coming improvements — “We’ve seen many players come into the game and leave within the first hour.”

Remedy offers update on ‘FBC: Firebreak,’ details coming improvements — “We’ve seen many players come into the game and leave within the first hour.”

Ubuntu 25.10 Shrinks its Raspberry Pi Install Footprint

Microsoft kills Movies & TV storefront on Windows and Xbox — here’s what will happen to your purchased media

CVE-2025-6718 – B1.lt WordPress SQL Injection

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

October is the Cyber Security Month: stats, events and advice

CVE-2025-38157 – “Qualcomm ath9k_htc USB WMI Out-of-Bounds Read/Write”

CVE-2025-5974 – PHPGurukul Restaurant Table Booking System Cross-Site Scripting Vulnerability

How to Build a Local RAG App with Ollama and ChromaDB in the R Programming Language

10 Reasons to Turn Down a Promotion (Free Download)

Git Apprentice [SUBSCRIBER]

CVE-2025-31259 – Apple macOS Sequoia Privilege Escalation Vulnerability

Microsoft says AI agents will make every employee an “agent boss” — after Bill Gates claimed AI will replace humans in most jobs

CVE-2025-6718 – B1.lt WordPress SQL Injection

Related Posts