{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-6717", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-06-26T13:37:23.294Z", "datePublished": "2025-07-18T05:23:59.924Z", "dateUpdated": "2026-04-08T17:13:23.804Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:13:23.804Z"}, "affected": [{"vendor": "b1accounting", "product": "Site.pro for WooCommerce", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.2.56", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The B1.lt plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 2.2.56 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."}], "title": "B1.lt for WooCommerce <= 2.2.56 - Authenticated (Subscriber+) SQL Injection", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a601d0de-2f09-4f5c-8937-dfa20f1c64ec?source=cve"}, {"url": "https://wordpress.org/plugins/b1-accounting/"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3329617%40b1-accounting&new=3329617%40b1-accounting&sfp_email=&sfph_mail="}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "cweId": "CWE-89", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Aur\u00e9lien BOURDOIS"}], "timeline": [{"time": "2025-07-17T16:36:36.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-18T14:02:44.863657Z", "id": "CVE-2025-6717", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-18T14:03:04.391Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-6717", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-07-18T14:02:44.863657Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-18T14:02:52.489Z"}}], "cna": {"title": "B1.lt for WooCommerce <= 2.2.56 - Authenticated (Subscriber+) SQL Injection", "credits": [{"lang": "en", "type": "finder", "value": "Aur\u00e9lien BOURDOIS"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}}], "affected": [{"vendor": "b1accounting", "product": "Site.pro for WooCommerce", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "2.2.56"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-07-17T16:36:36.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a601d0de-2f09-4f5c-8937-dfa20f1c64ec?source=cve"}, {"url": "https://wordpress.org/plugins/b1-accounting/"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3329617%40b1-accounting&new=3329617%40b1-accounting&sfp_email=&sfph_mail="}], "descriptions": [{"lang": "en", "value": "The B1.lt plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 2.2.56 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:13:23.804Z"}}}, "cveMetadata": {"cveId": "CVE-2025-6717", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:13:23.804Z", "dateReserved": "2025-06-26T13:37:23.294Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-07-18T05:23:59.924Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The B1.lt plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 2.2.56 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."}, {"lang": "es", "value": "El complemento B1.lt para WordPress es vulnerable a la inyecci\u00f3n SQL mediante el par\u00e1metro 'id' en todas las versiones hasta la 2.2.56 incluida, debido a un escape insuficiente del par\u00e1metro proporcionado por el usuario y a la falta de preparaci\u00f3n de la consulta SQL existente. Esto permite a atacantes autenticados, con acceso de suscriptor o superior, a\u00f1adir consultas SQL adicionales a las consultas existentes, las cuales pueden utilizarse para extraer informaci\u00f3n confidencial de la base de datos."}], "id": "CVE-2025-6717", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-07-18T06:15:27.233", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3329617%40b1-accounting&new=3329617%40b1-accounting&sfp_email=&sfph_mail="}, {"source": "security@wordfence.com", "url": "https://wordpress.org/plugins/b1-accounting/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a601d0de-2f09-4f5c-8937-dfa20f1c64ec?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-20T22:12:46.674903+00:00", "value": {"mitigation_remediation": ["Upgrade the B1.lt plugin to a release newer than version 2.2.56.", "Limit Subscriber and higher user roles to only the capabilities required for their function; consider disabling or restricting the 'id' parameter if possible.", "Deploy a Web Application Firewall rule to block suspicious SQL payloads targeting the 'id' parameter."], "summary": {"action": "Immediate Patch", "impact": "Authenticated SQL Injection"}, "threat_synthesis": {"affected_systems": "Any WordPress site running the b1accounting:Site.pro plugin for WooCommerce with a version up to and including 2.2.56 is affected. No newer releases of the plugin contain this issue.", "description_and_impact": "The B1.lt plugin for WordPress, used within WooCommerce sites, contains a flaw that allows an attacker with Subscriber-level or higher permissions to inject arbitrary SQL code through the 'id' query parameter. The vulnerability stems from insufficient escaping and the lack of prepared statements, enabling malicious actors to append additional SQL statements to existing queries. This can lead to extraction of sensitive data from the database without other external exploitation. The attack requires only authenticated access to the WordPress backend, not a separate network vulnerability.", "risk_and_exploitability": "The CVSS base score of 6.5 places this vulnerability in the medium-to\u2011high severity range. The EPSS score of less than 1% indicates a low likelihood of exploitation at present, and the vulnerability is not included in the CISA KEV catalog. An attacker must first obtain or compromise Subscriber-level credentials, which can be achieved by exploiting weak account passwords or other site weaknesses. Once authenticated, the injection permits reading of database contents, potentially breaching confidentiality and integrity of the e\u2011commerce data."}}}}, "created": "2025-07-21T15:17:10.823703+00:00", "updated": "2026-04-20T22:15:06.199407+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}