CVE-2025-13922 is a vulnerability classified under CWE-89 (Improper Neutralization of Special Elements used in an SQL Command), specifically a time-based blind SQL Injection flaw in the 'Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI' WordPress plugin developed by stevejburge. The flaw exists in the 'existing_terms_orderby' parameter of the AI preview AJAX endpoint, present in all plugin versions up to and including 3.40.1. The root cause is insufficient escaping of user-supplied input combined with the absence of SQL query parameterization, which allows an authenticated attacker with Contributor-level privileges and AI metabox permissions to inject additional SQL commands into existing queries. This injection does not require user interaction beyond authentication and can be exploited to extract sensitive data from the backend database or cause performance issues through time-based inference techniques. The vulnerability has a CVSS v3.1 score of 6.5, indicating medium severity, with an attack vector over the network, low attack complexity, and requiring privileges but no user interaction. Although no public exploits are known, the presence of this vulnerability in a popular WordPress plugin used for AI-assisted tagging and taxonomy management poses a significant risk to websites relying on this functionality. The vulnerability affects the confidentiality of data but does not impact integrity or availability directly. The plugin’s widespread use in content management systems makes it a target for attackers seeking to leverage authenticated access to escalate data exposure.

For European organizations, this vulnerability can lead to unauthorized disclosure of sensitive information stored in WordPress databases, including potentially user data, content metadata, or configuration details. Since the attack requires Contributor-level access, insider threats or compromised contributor accounts could be leveraged to exploit this flaw. The ability to perform time-based blind SQL Injection means attackers can extract data stealthily without causing immediate service disruption, complicating detection. Performance degradation caused by injected queries could also affect website responsiveness, impacting user experience and business operations. Organizations relying on WordPress for content management and using this AI Autotagger plugin are at risk of data breaches and operational impacts. Given the increasing adoption of AI tools in content workflows, the scope of affected systems is significant. The confidentiality impact is high, while integrity and availability impacts are low to none. The medium severity rating reflects the balance between required privileges and potential data exposure. Failure to address this vulnerability could lead to reputational damage and regulatory compliance issues under GDPR if personal data is exposed.

Immediate mitigation steps include restricting Contributor-level users’ access to the AI metabox permissions to prevent exploitation. Administrators should audit user roles and permissions to ensure that only trusted users have Contributor or higher access with AI tagging capabilities. Monitoring and logging AJAX endpoint usage related to the 'existing_terms_orderby' parameter can help detect anomalous query patterns indicative of exploitation attempts. Since no official patch is currently available, organizations should consider disabling the plugin temporarily if feasible or replacing it with alternative tagging solutions that do not exhibit this vulnerability. Once a patch is released, prompt updating of the plugin to the fixed version is critical. Additionally, implementing Web Application Firewall (WAF) rules to detect and block SQL Injection patterns targeting this parameter can provide a protective layer. Regular security assessments and penetration testing focusing on WordPress plugins and user privilege configurations will help identify and mitigate similar risks proactively.