Description
The B1.lt plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 2.2.56 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Published: 2025-07-18
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Authenticated SQL Injection
Action: Immediate Patch
AI Analysis

Impact

The B1.lt plugin for WordPress, used within WooCommerce sites, contains a flaw that allows an attacker with Subscriber-level or higher permissions to inject arbitrary SQL code through the 'id' query parameter. The vulnerability stems from insufficient escaping of the user-supplied value and the absence of a prepared statement, so additional SQL can be appended to the existing query. This can lead to extraction of sensitive data from the database with no further exploitation step. The attack requires only an authenticated WordPress account, not a separate network-level vulnerability.
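As an added illustration of the flaw class named above (CWE-89 in a WordPress plugin), and not the B1.lt plugin's own code, which this page does not show: the vulnerable pattern in which a request-supplied 'id' is concatenated into SQL, beside the defensive form that gates the handler on a capability and a nonce and builds the query with $wpdb->prepare(). The table name, hook name, capability and function names are assumptions.

```php
<?php
// Added illustration, not the plugin's code. Table, hook, capability and
// function names below are hypothetical.

// Vulnerable pattern: 'id' is read from the request and concatenated straight
// into the SQL string. Nothing escapes or types the value, so whatever the
// caller sends becomes part of the statement the database executes.
function example_vulnerable_lookup() {
    global $wpdb;
    $id  = isset( $_GET['id'] ) ? $_GET['id'] : '';
    $sql = "SELECT * FROM {$wpdb->prefix}example_orders WHERE id = '" . $id . "'";
    $row = $wpdb->get_row( $sql, ARRAY_A );
    wp_send_json( $row );
}

// Hardened pattern:
//  1. the caller must hold a capability the feature actually needs, so an
//     account with only the Subscriber role ('read') never reaches the query;
//  2. a nonce ties the request to a form the site rendered (CSRF defence);
//  3. the value is coerced to a non-negative integer with absint();
//  4. the query is built with $wpdb->prepare(), whose %d placeholder binds the
//     value as an integer, so it can never alter the statement's structure.
function example_hardened_lookup() {
    global $wpdb;

    if ( ! current_user_can( 'manage_woocommerce' ) ) {  // assumed capability
        wp_send_json_error( 'forbidden', 403 );
    }
    check_ajax_referer( 'example_lookup_nonce', 'nonce' );  // hypothetical nonce action

    $id = isset( $_GET['id'] ) ? absint( wp_unslash( $_GET['id'] ) ) : 0;
    if ( 0 === $id ) {
        wp_send_json_error( 'invalid id', 400 );
    }

    $sql = $wpdb->prepare(
        "SELECT * FROM {$wpdb->prefix}example_orders WHERE id = %d",
        $id
    );
    $row = $wpdb->get_row( $sql, ARRAY_A );
    wp_send_json_success( $row );
}

// A logged-in AJAX action is the usual entry point for this kind of handler;
// the action name is hypothetical.
add_action( 'wp_ajax_example_lookup', 'example_hardened_lookup' );
```

In a code review of a plugin, the first function is the shape to look for: any `$wpdb->query()`, `get_row()`, `get_results()` or `get_var()` call whose SQL string contains a `$_GET`, `$_POST` or `$_REQUEST` value without passing through `$wpdb->prepare()`. The capability check matters independently of the query fix, because a Subscriber-reachable endpoint widens the set of accounts whose compromise matters.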

Affected Systems

Any WordPress site running the b1accounting:Site.pro plugin for WooCommerce with a version up to and including 2.2.56 is affected. No newer releases of the plugin contain this issue.

Risk and Exploitability

The CVSS base score of 6.5 places this vulnerability in the medium-to-high severity range. The EPSS score of less than 1% indicates a low likelihood of exploitation at present, and the vulnerability is not included in the CISA KEV catalog. An attacker must first obtain or compromise Subscriber-level credentials, which can be achieved by exploiting weak account passwords or other site weaknesses. Once authenticated, the injection permits reading of database contents, potentially breaching confidentiality and integrity of the e-commerce data.

Generated by OpenCVE AI on April 20, 2026 at 22:12 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the B1.lt plugin to a release newer than version 2.2.56.
  • Limit Subscriber and higher user roles to only the capabilities required for their function; consider disabling or restricting the 'id' parameter if possible.
  • Deploy a Web Application Firewall rule to block suspicious SQL payloads targeting the 'id' parameter.


Tracking


Advisories
Source: EUVD
ID: EUVD-2025-21848
Title: The B1.lt plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 2.2.56 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
History

Wed, 08 Apr 2026 18:30:00 +0000


Fri, 18 Jul 2025 14:15:00 +0000

Values added:
Metrics (ssvc): {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 18 Jul 2025 05:30:00 +0000

Values added:
Description: The B1.lt plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 2.2.56 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Title: B1.lt for WooCommerce <= 2.2.56 - Authenticated (Subscriber+) SQL Injection
Weaknesses: CWE-89
References:
Metrics (cvssV3_1): {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}


MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T17:13:23.804Z

Reserved: 2025-06-26T13:37:23.294Z

Link: CVE-2025-6717

Vulnrichment

Updated: 2025-07-18T14:02:52.489Z

NVD

Status : Deferred

Published: 2025-07-18T06:15:27.233

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-6717

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-20T22:15:06Z

Weaknesses