cleantalk
Vulnerabilities and Security Researches

Ultimate Addons for Contact Form 7, CVE-2023-49766

CVE, Research URL

CVE-2023-49766

Home page URL

Security reports for Ultimate Addons for Contact Form 7

Application

Ultimate Addons for Contact Form 7

Published on
Dec 14, 2023
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Ultimate Addons for Contact Form 7 allows Stored XSS.This issue affects Ultimate Addons for Contact Form 7: from n/a through 3.2.0.
Affected versions
Min -, max 3.2.1.
Status
vulnerable
Previous vulnerability researches
Ultimate Addons for Contact Form 7 (CVE-2022-47586) , Jun 07, 2024
Ultimate Addons for Contact Form 7 (CVE-2023-1615) , Jun 07, 2024
Ultimate Addons for Contact Form 7 (CVE-2023-30495) , Jun 07, 2024
Ultimate Addons for Contact Form 7 (CVE-2023-30493) , Jun 07, 2024
Ultimate Addons for Contact Form 7 (CVE-2023-2802) , Jun 07, 2024
New vulnerability
CubeWP Forms – LeadGen & Contact Form (CVE-2025-49880) , Jun 20, 2025
WP2LEADS | WordPress und KlickTipp einfach verbinden – WooCommerce und KlickTipp einfach verbinden (CVE-2025-49316) , Jun 20, 2025
Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit (CVE-2025-1562) , Jun 20, 2025
eCommerce Product Catalog Plugin for WordPress (CVE-2025-49331) , Jun 20, 2025
Broadstreet (CVE-2025-4652) , Jun 20, 2025