CVE-2022-47586 WordPress Ultimate Addons for Contact Form 7 Plugin <= 3.1.23 is vulnerable to SQL Injection

🗓️ 19 Jun 2023 11:58:10Reported by PatchstackType

WordPress Ultimate Addons for Contact Form 7 Plugin SQL Injection CVE-2022-47586

Reporter	Title	Published	Views	Family All 11
CNNVD	WordPress plugin Ultimate Addons for Contact Form 7 SQL注入漏洞	19 Jun 202300:00	–	cnnvd
CVE	CVE-2022-47586	19 Jun 202311:58	–	cve
EUVD	EUVD-2022-50346	3 Oct 202520:07	–	euvd
NVD	CVE-2022-47586	19 Jun 202312:15	–	nvd
Patchstack	WordPress Ultimate Addons for Contact Form 7 Plugin <= 3.1.23 is vulnerable to SQL Injection	9 May 202300:00	–	patchstack
Prion	Sql injection	19 Jun 202312:15	–	prion
Positive Technologies	PT-2023-15409 · Unknown · Themefic Ultimate Addons For Contact Form 7	19 Jun 202300:00	–	ptsecurity
RedhatCVE	CVE-2022-47586	6 Feb 202500:04	–	redhatcve
Vulnrichment	CVE-2022-47586 WordPress Ultimate Addons for Contact Form 7 Plugin <= 3.1.23 is vulnerable to SQL Injection	19 Jun 202311:58	–	vulnrichment
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (May 8, 2023 to May 14, 2023)	18 May 202312:45	–	wordfence

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "ultimate-addons-for-contact-form-7",
    "product": "Ultimate Addons for Contact Form 7",
    "vendor": "Themefic",
    "versions": [
      {
        "changes": [
          {
            "at": "3.1.24",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "3.1.23",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/vulnerability/ultimate-addons-for-contact-form-7/wordpress-ultimate-addons-for-contact-form-7-plugin-3-1-23-sql-injection

28 Apr 2026 16:07Current

10High risk

Vulners AI Score10

CVSS 3.18.2

EPSS0.00183

CWE-89