CVE-2025-0821

6.5 MEDIUM

📋 TL;DR

The Bit Assist WordPress plugin contains a time-based SQL injection vulnerability in all versions up to 1.5.2. Authenticated attackers with Subscriber-level access or higher can exploit this to extract sensitive information from the database by manipulating SQL queries through the 'id' parameter.

💻 Affected Systems

Products:
  • Bit Assist WordPress Plugin
Versions: All versions up to and including 1.5.2
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress installation with Bit Assist plugin enabled and at least one authenticated user account (Subscriber role or higher).

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including extraction of user credentials, sensitive site data, and potential privilege escalation to administrative access.

🟠 Likely Case

Data exfiltration of user information, plugin settings, and potentially other WordPress table data accessible to the database user.

🟢 If Mitigated

Limited impact with proper input validation and query parameterization in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires authenticated access but only Subscriber-level privileges, which are commonly available. Time-based injection makes detection more difficult.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.5.3 or later

Vendor Advisory: https://wordpress.org/plugins/bit-assist/#developers

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find the Bit Assist plugin.
4. Click 'Update Now' if an update is available.
5. Alternatively, download version 1.5.3+ from the WordPress repository and manually replace the plugin files.

🔧 Temporary Workarounds

Disable Bit Assist Plugin (platform: all)

Temporarily disable the vulnerable plugin until patched:

wp plugin deactivate bit-assist

Web Application Firewall Rule (platform: all)

Block SQL injection patterns targeting the vulnerable endpoint

🧯 If You Can't Patch

  • Remove Subscriber role from all non-essential users
  • Implement strict network access controls to limit plugin access

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel → Plugins → Bit Assist version. If version is 1.5.2 or lower, system is vulnerable.

Check Version:

wp plugin get bit-assist --field=version

Verify Fix Applied:

Verify Bit Assist plugin version is 1.5.3 or higher in WordPress admin panel.

📡 Detection & Monitoring

Log Indicators:

  • Unusual database query patterns from WordPress users
  • Multiple failed/timeout requests to WidgetChannelController endpoints
  • SQL error messages in WordPress debug logs

Network Indicators:

  • Repeated POST requests to /wp-admin/admin-ajax.php with SQL-like payloads in 'id' parameter
  • Unusual timing patterns in HTTP responses

SIEM Query:

source="wordpress.log" AND ("SQL syntax" OR "database error" OR "WidgetChannelController")
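The network indicators above (POST requests to admin-ajax.php carrying SQL-like text in the 'id' parameter, paired with unusually slow responses) can be checked directly against web-server access logs. The following is an added example, not code from the advisory or the plugin: it assumes a combined-format access log with the response time in milliseconds appended as a final field, and the sample log lines and the 'action' value in them are constructed for the example.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format plus a trailing
# response-time field in ms; that field and the 'action' value are assumptions).
SAMPLE_LOG = """\
10.0.0.5 - - [12/Jan/2025:10:01:02 +0000] "POST /wp-admin/admin-ajax.php?action=bit_assist_example&id=7 HTTP/1.1" 200 512 120
10.0.0.9 - - [12/Jan/2025:10:01:09 +0000] "POST /wp-admin/admin-ajax.php?action=bit_assist_example&id=7%20AND%20SLEEP(5) HTTP/1.1" 200 512 5130
10.0.0.9 - - [12/Jan/2025:10:01:15 +0000] "POST /wp-admin/admin-ajax.php?action=bit_assist_example&id=7)%20AND%20BENCHMARK(5000000,MD5(1))-- HTTP/1.1" 200 512 4870
"""

LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
                     r'\d+ \S+ (?P<ms>\d+)$')
# Tokens typical of time-based SQL injection; low-noise on an integer-only parameter.
SQL_TOKENS = re.compile(r"\b(sleep|benchmark|pg_sleep|waitfor|union|select)\b|--|/\*|'", re.I)
AJAX_PATH = "/wp-admin/admin-ajax.php"


def parse_line(line):
    """Parse one access-log line; return None if it does not match the format."""
    if not (m := LINE_RE.match(line)):
        return None
    rec = m.groupdict()
    url = urlsplit(rec["target"])
    rec["path"], rec["params"] = url.path, parse_qs(url.query)  # parse_qs percent-decodes
    rec["ms"] = int(rec["ms"])
    return rec


def flag_reasons(rec, slow_ms=3000):
    """Why a parsed admin-ajax request looks like an 'id' injection attempt (empty = clean)."""
    reasons = []
    if rec["path"] != AJAX_PATH:
        return reasons
    for value in rec["params"].get("id", []):
        if not value.isdigit():
            reasons.append("non-numeric-id")
        if SQL_TOKENS.search(value):
            reasons.append("sql-token-in-id")
    if reasons and rec["ms"] >= slow_ms:  # the time-based tell: a cheap endpoint answering slowly
        reasons.append("slow-response")
    return reasons


def scan(log_text, slow_ms=3000):
    """Return (client ip, raw id value, reasons) for every suspicious request in the log."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and (reasons := flag_reasons(rec, slow_ms)):
            hits.append((rec["ip"], rec["params"]["id"][0], reasons))
    return hits
```

Tune `slow_ms` to the endpoint's normal response time on your site; the token match alone already gives a WAF-style signal, while the timing tell distinguishes a probe that actually made the database wait.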

🔗 References