CVE-2025-6718 – B1.lt WordPress SQL Injection

July 18, 2025

CVE ID : CVE-2025-6718

Published : July 18, 2025, 6:15 a.m. | 4 hours, 42 minutes ago

Description : The B1.lt plugin for WordPress is vulnerable to SQL Injection due to a missing capability check on the b1_run_query AJAX action in all versions up to, and including, 2.2.56. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute and run arbitrary SQL commands.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6719 – WordPress Terms Descriptions Stored Cross-Site Scripting Vulnerability

Next Article CVE-2025-6222 – “WooCommerce Refund And Exchange with RMA – Warranty Management, Refund Policy, Manage User Wallet Arbitrary File Upload Vulnerability”

This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

Report: 71% of tech leaders won’t hire devs without AI skills

Slack’s AI search now works across an organization’s entire knowledge base

In-House vs Outsourcing for React.js Development: Understand What Is Best for Your Enterprise

Microsoft kills Movies & TV storefront on Windows and Xbox — here’s what will happen to your purchased media

Wacom says its new drawing tablet needs no setup and has a pen that can’t die

NordPass vs. Bitwarden: Which password manager is best?

Elon Musk teasing a Grok male companion inspired by “50 Shades of Grey” — beating Microsoft’s AI CEO at his own game

The details of TC39’s last meeting

The details of TC39’s last meeting

Conditional Collection Skipping with Laravel’s skipWhile Method

Deploying Laravel Applications on Laravel Cloud With MongoDB Atlas

Ubuntu 25.10 Shrinks its Raspberry Pi Install Footprint

Ubuntu 25.10 Shrinks its Raspberry Pi Install Footprint

Microsoft kills Movies & TV storefront on Windows and Xbox — here’s what will happen to your purchased media

Unplugged and Unstoppable: How Linux Transforms Laptop Power Management

CVE-2025-6718 – B1.lt WordPress SQL Injection

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

CVE-2025-22238 – Minion File Cache Directory Traversal Vulnerability

What is Pen Testing as a Service (PTaaS), and Do You Need it?

Rubikverse – Online Rubik’s Cube Solvers, Simulators & Tutorials

CVE-2025-4637 – Davisking Dlib Divide By Zero Remote Denial of Service

How to Install DeepSeek on Ubuntu 24.04 (Locally)

No console needed — this discounted bundle comes with an Xbox Controller, Fire TV Stick 4K, and Game Pass Ultimate

CVE-2025-46802 – PuTTY Screen Session Privilege Escalation Vulnerability

How to change the default folder for downloads on Windows 11

CVE-2025-6718 – B1.lt WordPress SQL Injection

Related Posts