CVE-2025-6717 is a SQL Injection vulnerability identified in the B1.lt plugin for WordPress, affecting all versions up to and including 2.2.56. The root cause is insufficient escaping and lack of proper parameterized queries for the 'id' parameter, which is user-supplied. This flaw allows authenticated attackers with at least Subscriber-level privileges to append arbitrary SQL commands to existing queries. Because the plugin does not properly sanitize or prepare the SQL statements, attackers can exploit this to extract sensitive information from the underlying database. The vulnerability does not require user interaction but does require authentication, limiting exploitation to users with some level of access. The CVSS 3.1 score of 6.5 reflects a medium severity, with high impact on confidentiality but no impact on integrity or availability. No patches or fixes are currently linked, and no known exploits have been reported in the wild. The vulnerability is classified under CWE-89, indicating improper neutralization of special elements in SQL commands. This type of vulnerability can lead to data breaches, exposing sensitive user or system information stored in the database. Given the widespread use of WordPress and the plugin, this vulnerability poses a notable risk to affected websites.

The primary impact of this vulnerability is unauthorized disclosure of sensitive data stored in the database of affected WordPress sites using the B1.lt plugin. Attackers with Subscriber-level access can leverage this flaw to extract confidential information, which may include user credentials, personal data, or business-critical information depending on the database contents. Although the vulnerability does not allow modification or deletion of data (no integrity or availability impact), the confidentiality breach can lead to further attacks such as privilege escalation, identity theft, or targeted phishing. Organizations relying on this plugin for accounting or financial data management may face compliance violations and reputational damage if sensitive data is leaked. The requirement for authentication limits the attack surface but does not eliminate risk, especially on sites with many registered users or weak access controls. The absence of known exploits in the wild reduces immediate risk but does not preclude future exploitation once details become public.

Organizations should immediately audit their WordPress installations to identify the use of the B1.lt plugin and its version. Since no official patches are currently linked, administrators should consider the following mitigations: 1) Restrict Subscriber-level user permissions to the minimum necessary and review user roles to limit potential attackers. 2) Implement Web Application Firewall (WAF) rules to detect and block suspicious SQL injection patterns targeting the 'id' parameter. 3) Employ database query logging and monitoring to detect unusual query patterns indicative of exploitation attempts. 4) If feasible, temporarily disable or remove the B1.lt plugin until a vendor patch is released. 5) Encourage the vendor to release a patch that properly parameterizes SQL queries and escapes inputs. 6) Educate site administrators about the risks of granting unnecessary privileges to users. 7) Regularly back up databases to enable recovery in case of compromise. These steps go beyond generic advice by focusing on access control tightening, active monitoring, and temporary plugin management.