EPSS
Percentile
61.1%
The plugin does not properly sanitize the ‘id’ parameter, leading to a SQL Injection vulnerability.
www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/ultimate-addons-for-contact-form-7/ultimate-addons-for-contact-form-7-3123-authenticatedsubscriber-sql-injection